diff --git a/i18n/ar/basics/vpn-overview.md b/i18n/ar/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/ar/basics/vpn-overview.md
+++ b/i18n/ar/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/ar/desktop-browsers.md b/i18n/ar/desktop-browsers.md
index e54d2e97..4846647c 100644
--- a/i18n/ar/desktop-browsers.md
+++ b/i18n/ar/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/ar/email.md b/i18n/ar/email.md
index ea323a90..66eaedb5 100644
--- a/i18n/ar/email.md
+++ b/i18n/ar/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/ar/photo-management.md b/i18n/ar/photo-management.md
index d7447180..c6486221 100644
--- a/i18n/ar/photo-management.md
+++ b/i18n/ar/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ar/tools.md b/i18n/ar/tools.md
index 00e18564..b12a9a87 100644
--- a/i18n/ar/tools.md
+++ b/i18n/ar/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/bn-IN/basics/vpn-overview.md b/i18n/bn-IN/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/bn-IN/basics/vpn-overview.md
+++ b/i18n/bn-IN/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/bn-IN/desktop-browsers.md b/i18n/bn-IN/desktop-browsers.md
index c0b9ec01..4c6d58aa 100644
--- a/i18n/bn-IN/desktop-browsers.md
+++ b/i18n/bn-IN/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/bn-IN/email.md b/i18n/bn-IN/email.md
index 09d10245..bb6bba2c 100644
--- a/i18n/bn-IN/email.md
+++ b/i18n/bn-IN/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/bn-IN/photo-management.md b/i18n/bn-IN/photo-management.md
index d7447180..c6486221 100644
--- a/i18n/bn-IN/photo-management.md
+++ b/i18n/bn-IN/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/bn-IN/tools.md b/i18n/bn-IN/tools.md
index 7c7e1fec..c3d7ba14 100644
--- a/i18n/bn-IN/tools.md
+++ b/i18n/bn-IN/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/bn/basics/vpn-overview.md b/i18n/bn/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/bn/basics/vpn-overview.md
+++ b/i18n/bn/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/bn/desktop-browsers.md b/i18n/bn/desktop-browsers.md
index c0b9ec01..4c6d58aa 100644
--- a/i18n/bn/desktop-browsers.md
+++ b/i18n/bn/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/bn/email.md b/i18n/bn/email.md
index 09d10245..bb6bba2c 100644
--- a/i18n/bn/email.md
+++ b/i18n/bn/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/bn/photo-management.md b/i18n/bn/photo-management.md
index d7447180..c6486221 100644
--- a/i18n/bn/photo-management.md
+++ b/i18n/bn/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/bn/tools.md b/i18n/bn/tools.md
index 7c7e1fec..c3d7ba14 100644
--- a/i18n/bn/tools.md
+++ b/i18n/bn/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/cs/basics/vpn-overview.md b/i18n/cs/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/cs/basics/vpn-overview.md
+++ b/i18n/cs/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/cs/desktop-browsers.md b/i18n/cs/desktop-browsers.md
index 6e05e949..b8572d53 100644
--- a/i18n/cs/desktop-browsers.md
+++ b/i18n/cs/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/cs/email.md b/i18n/cs/email.md
index 09d10245..bb6bba2c 100644
--- a/i18n/cs/email.md
+++ b/i18n/cs/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/cs/photo-management.md b/i18n/cs/photo-management.md
index d7447180..c6486221 100644
--- a/i18n/cs/photo-management.md
+++ b/i18n/cs/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/cs/tools.md b/i18n/cs/tools.md
index 7c7e1fec..c3d7ba14 100644
--- a/i18n/cs/tools.md
+++ b/i18n/cs/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/de/basics/vpn-overview.md b/i18n/de/basics/vpn-overview.md
index 4c2dc944..8b0e5c40 100644
--- a/i18n/de/basics/vpn-overview.md
+++ b/i18n/de/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/de/desktop-browsers.md b/i18n/de/desktop-browsers.md
index f2ca7c5a..11b2418f 100644
--- a/i18n/de/desktop-browsers.md
+++ b/i18n/de/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave ermöglicht die Auswahl zusätzlicher Inhaltsfilter auf der internen Seite
1. Die Deaktivierung des V8-Optimierungstool verringert deine Angriffsfläche, indem [*einige*](https://grapheneos.social/@GrapheneOS/112708049232710156) Teile der JavaScript-Just-In-Time-Kompilierung (JIT) deaktiviert werden.
-
-
Browserdaten beim Schließen löschen
-
-- [x] Wähle **Websitedaten löschen, die auf deinem Gerät gespeichert wurden, wenn du alle Fenster schließt** unter *Website- und Schutzeinstellungen* → *Inhalte* → *Zusätzliche Inhaltseinstellungen* → *Websitedaten auf dem Gerät*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/de/email.md b/i18n/de/email.md
index cb304df1..5cc06c3f 100644
--- a/i18n/de/email.md
+++ b/i18n/de/email.md
@@ -317,7 +317,6 @@ Wir halten diese Merkmale für wichtig, um einen sicheren und optimalen Service
- Verschlüsselt die Daten von E-Mail-Konten im Ruhezustand mit Zero-Access-Verschlüsselung.
- Exportmöglichkeit als [Mbox](https://de.wikipedia.org/wiki/Mbox) oder individuelle .EML mit [RFC5322](https://datatracker.ietf.org/doc/rfc5322)-Standard.
-- Erlaubt es dem Nutzer, seinen eigenen [Domainnamen](https://de.wikipedia.org/wiki/Domain_(Internet)) zu verwenden. Benutzerdefinierte Domänennamen sind für die Nutzer wichtig, da du so deine Identität von dem Dienst fernhalten kannst, falls dieser sich als schlecht erweist oder von einem anderen Unternehmen übernommen wird, bei dem der Datenschutz keine Rolle spielt.
- Arbeitet auf einer eigenen Infrastruktur, d.h. nicht auf der eines Drittanbieters von E-Mail-Diensten.
**Im besten Fall:**
@@ -328,8 +327,9 @@ Wir halten diese Merkmale für wichtig, um einen sicheren und optimalen Service
- Unterstützung für eine temporäre Mailbox für externe Benutzer. Dies ist nützlich, wenn du eine verschlüsselte E-Mail versenden möchtest, ohne eine Kopie an den Empfänger zu senden. Diese E-Mails haben in der Regel eine begrenzte Lebensdauer und werden dann automatisch gelöscht. Sie erfordern auch nicht, dass der Empfänger eine Kryptographie wie OpenPGP konfiguriert.
- Verfügbarkeit der Dienste des E-Mail-Anbieters über einen [onion service](https://de.wikipedia.org/wiki/.onion).
- Unterstützung [von Unteradressen](https://en.wikipedia.org/wiki/Email_address#Sub-addressing).
-- Catch-All- oder Alias-Funktionalität für diejenigen, die ihre eigenen Domains verwenden.
-- Verwendung von Standard-E-Mail-Zugriffsprotokollen wie IMAP, SMTP oder [JMAP](https://de.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standardzugriffsprotokolle stellen sicher, dass die Kunden alle ihre E-Mails problemlos herunterladen können, sollten sie zu einem anderen Anbieter wechseln wollen.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Benutzerdefinierte Domänennamen sind für die Nutzer wichtig, da du so deine Identität von dem Dienst fernhalten kannst, falls dieser sich als schlecht erweist oder von einem anderen Unternehmen übernommen wird, bei dem der Datenschutz keine Rolle spielt.
+- Catch-all or alias functionality for those who use their own domains.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### Datenschutz
diff --git a/i18n/de/photo-management.md b/i18n/de/photo-management.md
index 79dc04ca..496dfd66 100644
--- a/i18n/de/photo-management.md
+++ b/i18n/de/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/de/tools.md b/i18n/de/tools.md
index 7c8d2141..abdc397a 100644
--- a/i18n/de/tools.md
+++ b/i18n/de/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/el/basics/vpn-overview.md b/i18n/el/basics/vpn-overview.md
index 9386f66d..2a9c7909 100644
--- a/i18n/el/basics/vpn-overview.md
+++ b/i18n/el/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/el/desktop-browsers.md b/i18n/el/desktop-browsers.md
index d8011cc7..f9678267 100644
--- a/i18n/el/desktop-browsers.md
+++ b/i18n/el/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/el/email.md b/i18n/el/email.md
index 4539429b..aa25db95 100644
--- a/i18n/el/email.md
+++ b/i18n/el/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/el/photo-management.md b/i18n/el/photo-management.md
index 5662abad..fd0a8097 100644
--- a/i18n/el/photo-management.md
+++ b/i18n/el/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/el/tools.md b/i18n/el/tools.md
index 2ed4c4d7..6c027ae4 100644
--- a/i18n/el/tools.md
+++ b/i18n/el/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/eo/basics/vpn-overview.md b/i18n/eo/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/eo/basics/vpn-overview.md
+++ b/i18n/eo/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/eo/desktop-browsers.md b/i18n/eo/desktop-browsers.md
index c0b9ec01..4c6d58aa 100644
--- a/i18n/eo/desktop-browsers.md
+++ b/i18n/eo/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/eo/email.md b/i18n/eo/email.md
index 3d02667e..431e1b46 100644
--- a/i18n/eo/email.md
+++ b/i18n/eo/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/eo/photo-management.md b/i18n/eo/photo-management.md
index d7447180..c6486221 100644
--- a/i18n/eo/photo-management.md
+++ b/i18n/eo/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/eo/tools.md b/i18n/eo/tools.md
index 7c7e1fec..c3d7ba14 100644
--- a/i18n/eo/tools.md
+++ b/i18n/eo/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/es/basics/vpn-overview.md b/i18n/es/basics/vpn-overview.md
index 8e350cdf..4f2aa3bd 100644
--- a/i18n/es/basics/vpn-overview.md
+++ b/i18n/es/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recientemente, varias organizaciones han intentado resolver algunos de los probl
Los repetidores multiparte (MPR) utilizan varios nodos propiedad de distintas partes, de modo que ninguna sabe quién eres y a qué te conectas. Esta es la idea básica detrás de Tor, pero ahora hay algunos servicios de pago que intentan emular este modelo.
-Los MPR tratan de resolver un problema inherente a las VPN: el hecho de que hay que confiar plenamente en ellas. Logran este objetivo segmentando las responsabilidades entre dos o más empresas diferentes. Por ejemplo, Relay Privado de iCloud+ de Apple dirige tu tráfico a través de dos servidores:
+Los MPR tratan de resolver un problema inherente a las VPN: el hecho de que hay que confiar plenamente en ellas. Logran este objetivo segmentando las responsabilidades entre dos o más empresas diferentes.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. En primer lugar, un servidor operado por Apple.
@@ -101,15 +103,15 @@ Los MPR tratan de resolver un problema inherente a las VPN: el hecho de que hay
Este servidor realiza la conexión con el sitio web de destino, pero no tiene conocimiento de tu dispositivo. La única dirección IP que conoce es la del servidor de Apple.
-Otros MPR gestionados por empresas diferentes, como Google o INVISV, funcionan de manera muy similar. Esta protección por segmentación solo existe si confías en que las dos empresas no confabularán entre sí para desanonimizarte.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### VPN Descentralizadas
-Otro intento de resolver los problemas de los servicios VPN centralizados son las dVPN. Se basan en la tecnología blockchain y pretenden eliminar la confianza en una sola parte distribuyendo los nodos entre muchas personas diferentes. Sin embargo, en muchas ocasiones una dVPN utilizará por defecto un único nodo, lo que significa que tendrás que confiar plenamente en ese nodo, al igual que en una VPN tradicional. A diferencia de una VPN tradicional, este único nodo que puede ver todo tu tráfico es una persona cualquiera en lugar de tu proveedor de VPN, que puede ser auditado y tiene responsabilidades legales para mantener su política de privacidad. Para solucionarlo se necesitan multisaltos, pero eso conlleva un coste de estabilidad y rendimiento.
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
-Otra consideración es la responsabilidad legal. El nodo de salida tendrá que lidiar con problemas legales derivados del mal uso de la red, un problema con el que la red Tor ha lidiado durante toda su existencia. Esto disuade a la gente normal de ejecutar nodos y hace que sea más atractivo para un actor malicioso con muchos recursos alojar uno. Esto es un gran problema si el servicio es de un solo nodo, ya que el nodo de salida potencialmente malicioso puede ver quién eres y a qué te estás conectando.
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
-Muchas dVPN se utilizan para impulsar una criptomoneda en lugar de hacer el mejor servicio. También suelen ser redes más pequeñas con menos nodos, lo que las hace más vulnerables a los [ataques de Sybil](https://en.wikipedia.org/wiki/Sybil_attack).
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Información Relacionada con las VPNs
diff --git a/i18n/es/desktop-browsers.md b/i18n/es/desktop-browsers.md
index 2faa572a..998a213a 100644
--- a/i18n/es/desktop-browsers.md
+++ b/i18n/es/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave te permite seleccionar filtros de contenido adicionales en la página inte
1. Desactivar el optimizador V8 reduce tu superficie de ataque al desactivar [*algunas*](https://grapheneos.social/@GrapheneOS/112708049232710156) partes de la compilación Just-In-Time (JIT) de JavaScript.
-
-
Desinfectar al cerrar
-
-- [x] Selecciona **Eliminar los datos que los sitios guardan en tu dispositivo cuando cierras todas las ventanas** en *Configuración del sitio y de los Escudos* → *Contenido* → *Configuración de contenido adicional* → *Datos de sitios en el dispositivo*.
-
-Si deseas permanecer conectado a un sitio concreto que visitas a menudo, puedes establecer excepciones por sitio en la sección *Comportamientos personalizados*.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
Aunque en la mayoría de los casos [desaconsejamos](os/linux-overview.md#release-cycle) las distribuciones "perpetuamente obsoletas" como Debian para uso de escritorio, Kicksecure es un sistema operativo basado en Debian que ha sido reforzado para ser mucho más que una instalación típica de Linux.
diff --git a/i18n/es/email.md b/i18n/es/email.md
index 932b4145..2456ee5d 100644
--- a/i18n/es/email.md
+++ b/i18n/es/email.md
@@ -317,7 +317,6 @@ Consideramos que estas características son importantes para ofrecer un servicio
- Cifra los datos de las cuentas de correo electrónico en reposo con cifrado de acceso cero.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Permitir a los usuarios utilizar su propio [nombre de dominio](https://en.wikipedia.org/wiki/Domain_name). Los nombres de dominio personalizados son importantes para los usuarios porque les permiten mantener su agencia del servicio, en caso de que éste se estropee o sea adquirido por otra empresa que no dé prioridad a la privacidad.
- Operaciones en infraestructura propia, es decir, no construidas sobre proveedores de servicios de correo electrónico de terceros.
**Mejor caso:**
@@ -328,8 +327,9 @@ Consideramos que estas características son importantes para ofrecer un servicio
- Soporte para un buzón temporal para usuarios externos. Esto es útil cuando quieres enviar un correo electrónico encriptado, sin enviar una copia real a tu destinatario. Estos correos electrónicos suelen tener una vida útil limitada y luego se eliminan automáticamente. Tampoco requieren que el destinatario configure ninguna criptografía como OpenPGP.
- Disponibilidad de los servicios del proveedor de correo electrónico a través de un [ servicio onion](https://en.wikipedia.org/wiki/.onion).
- Soporte de [subdireccionamiento](https://en.wikipedia.org/wiki/Email_address#Sub-addressing).
-- Funcionalidad Catch-all o alias para quienes utilizan sus propios dominios.
-- Uso de protocolos estándar de acceso al correo electrónico como IMAP, SMTP o [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Los protocolos de acceso estándar garantizan que los clientes puedan descargar fácilmente todo su correo electrónico en caso de que quieran cambiar de proveedor.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Los nombres de dominio personalizados son importantes para los usuarios porque les permiten mantener su agencia del servicio, en caso de que éste se estropee o sea adquirido por otra empresa que no dé prioridad a la privacidad.
+- Catch-all or alias functionality for those who use their own domains.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### Privacidad
diff --git a/i18n/es/photo-management.md b/i18n/es/photo-management.md
index cfe27bf4..008c8b5a 100644
--- a/i18n/es/photo-management.md
+++ b/i18n/es/photo-management.md
@@ -19,7 +19,7 @@ La mayoría de las soluciones de **gestión de fotografías en la nube**, como G
{ align=right }
{ align=right }
-**Ente Photos** es un servicio de copia de seguridad cifrada de fotos de extremo a extremo que admite copias de seguridad automáticas en iOS y Android. Su código es totalmente abierto, tanto en el lado del cliente como en el del servidor. También es [autoalojable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** es un servicio de copia de seguridad cifrada de fotos de extremo a extremo que admite copias de seguridad automáticas en iOS y Android. Su código es totalmente abierto, tanto en el lado del cliente como en el del servidor. También es [autoalojable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Página Principal](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Política de Privacidad" }
diff --git a/i18n/es/tools.md b/i18n/es/tools.md
index 6264d6ce..4c8a8522 100644
--- a/i18n/es/tools.md
+++ b/i18n/es/tools.md
@@ -680,6 +680,7 @@ Para cifrar su unidad de SO, normalmente recomendamos utilizar la herramienta de
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/fa/basics/vpn-overview.md b/i18n/fa/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/fa/basics/vpn-overview.md
+++ b/i18n/fa/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/fa/desktop-browsers.md b/i18n/fa/desktop-browsers.md
index 5e2a0f4d..ba64f878 100644
--- a/i18n/fa/desktop-browsers.md
+++ b/i18n/fa/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/fa/email.md b/i18n/fa/email.md
index dace6a81..5475ca5b 100644
--- a/i18n/fa/email.md
+++ b/i18n/fa/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**بهترین شرایط:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/fa/photo-management.md b/i18n/fa/photo-management.md
index d7447180..c6486221 100644
--- a/i18n/fa/photo-management.md
+++ b/i18n/fa/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/fa/tools.md b/i18n/fa/tools.md
index 79ae97ae..044c0d4a 100644
--- a/i18n/fa/tools.md
+++ b/i18n/fa/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/fr/basics/vpn-overview.md b/i18n/fr/basics/vpn-overview.md
index bc0f2999..d1fa123a 100644
--- a/i18n/fr/basics/vpn-overview.md
+++ b/i18n/fr/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Récemment, plusieurs organisations ont tenté de résoudre certains problèmes
Les relais multipartites (MPR) utilisent plusieurs nœuds appartenant à différentes parties, de sorte qu'aucune partie ne sait à la fois qui vous êtes et à quoi vous vous connectez. C'est l'idée de base de Tor, mais il existe aujourd'hui des services payants qui tentent d'imiter ce modèle.
-Les MPRs cherchent à résoudre un problème inhérent aux VPN: le fait que vous devez leur faire entièrement confiance. Elles atteignent cet objectif en segmentant les responsabilités entre deux ou plusieurs entreprises différentes. Par exemple, le relais privé iCloud+ d'Apple achemine votre trafic à travers deux serveurs :
+Les MPRs cherchent à résoudre un problème inhérent aux VPN: le fait que vous devez leur faire entièrement confiance. Elles atteignent cet objectif en segmentant les responsabilités entre deux ou plusieurs entreprises différentes.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Premièrement, un serveur géré par Apple.
@@ -101,15 +103,15 @@ Les MPRs cherchent à résoudre un problème inhérent aux VPN: le fait que vous
Ce serveur établit la connexion avec votre site web de destination, mais n'a aucune connaissance de votre appareil. La seule adresse IP qu'il connaît est celle du serveur d'Apple.
-D'autres MPRs gérés par différentes entreprises comme Google ou INVISV fonctionnent de manière très similaire. Cette protection par segmentation n'existe que si vous avez confiance dans le fait que les deux entreprises ne s'entendent pas pour vous désanonymiser.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### VPNs décentralisés
-Les dVPNs constituent une autre tentative de résoudre les problèmes posés par les services VPN centralisés. Ils sont basés sur la technologie blockchain et prétendent éliminer la confiance en une seule partie en répartissant les nœuds entre un grand nombre de personnes différentes. Cependant, il arrive souvent qu'un dVPN soit attribué par défaut à un seul nœud, ce qui signifie que vous devez faire entièrement confiance à ce nœud, tout comme dans le cas d'un VPN traditionnel. Contrairement à un VPN traditionnel, ce nœud unique qui peut voir tout votre trafic est une personne aléatoire au lieu de votre fournisseur VPN qui peut être audité et a des responsabilités légales de respecter sa politique de confidentialité. Le multi-saut est nécessaire pour résoudre ce problème, mais cela est accompagné d'un coût de stabilité et de performance.
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
-Une autre considération est la responsabilité juridique. Le noeud de sortie devra résoudre les problèmes légaux liés à l'utilisation abusive du réseau, un problème auquel le réseau Tor a été confronté tout au long de son existence. Cela décourage les personnes ordinaires de gérer des nœuds et rend plus attrayant l'hébergement d'un nœud par un acteur malveillant disposant de beaucoup de ressources. C'est un gros problème si le service est à nœud unique, car le nœud de sortie potentiellement malveillant peut voir qui vous êtes et à quoi vous vous connectez.
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
-De nombreux dVPNs sont utilisés pour pousser une crypto-monnaie plutôt que pour offrir le meilleur service. Ils ont également tendance à être des réseaux plus petits avec moins de nœuds, ce qui les rend plus vulnérables aux [attaques Sybil](https://en.wikipedia.org/wiki/Sybil_attack).
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Informations VPN liées
diff --git a/i18n/fr/desktop-browsers.md b/i18n/fr/desktop-browsers.md
index 70bec3d8..0a72faa4 100644
--- a/i18n/fr/desktop-browsers.md
+++ b/i18n/fr/desktop-browsers.md
@@ -312,15 +312,6 @@ Brave vous permet de sélectionner des filtres de contenu supplémentaires dans
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Suppression à la fermeture
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/fr/email.md b/i18n/fr/email.md
index 4c16285c..39bd4743 100644
--- a/i18n/fr/email.md
+++ b/i18n/fr/email.md
@@ -317,7 +317,6 @@ Nous considérons ces caractéristiques comme importantes afin de fournir un ser
- Chiffre les données du compte e-mail au repos avec un chiffrement à accès zéro.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Permet aux utilisateurs d'utiliser leur propre [nom de domaine](https://en.wikipedia.org/wiki/Domain_name). Les noms de domaine personnalisés sont importants pour les utilisateurs car ils leur permettent de conserver leur indépendance du service, au cas où celui-ci tournerait mal ou serait racheté par une autre société qui ne donne pas priorité à la vie privée.
- Fonctionne sur sa propre infrastructure, c'est-à-dire qu'elle ne repose pas sur des fournisseurs de services d'e-mail tiers.
**Dans le meilleur des cas :**
@@ -328,8 +327,9 @@ Nous considérons ces caractéristiques comme importantes afin de fournir un ser
- Prise en charge d'une boîte mail temporaire pour les utilisateurs externes. Cette fonction est utile lorsque vous souhaitez envoyer un e-mail chiffré, sans envoyer une copie réelle à votre destinataire. Ces e-mails ont généralement une durée de vie limitée et sont ensuite automatiquement supprimés. Ils n'obligent pas non plus le destinataire à configurer un système de chiffrement comme OpenPGP.
- Disponibilité des services du fournisseur d'e-mail via un [service onion](https://en.wikipedia.org/wiki/.onion).
- Support du [sous-adressage](https://en.wikipedia.org/wiki/Email_address#Sub-addressing).
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Les noms de domaine personnalisés sont importants pour les utilisateurs car ils leur permettent de conserver leur indépendance du service, au cas où celui-ci tournerait mal ou serait racheté par une autre société qui ne donne pas priorité à la vie privée.
- Catch-all or alias functionality for those who use their own domains.
-- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Les protocoles d'accès standard garantissent que les clients peuvent facilement télécharger l'ensemble de leurs e-mails, s'ils souhaitent changer de fournisseur.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### Confidentialité
diff --git a/i18n/fr/photo-management.md b/i18n/fr/photo-management.md
index 9c5a8ddc..cba4cc62 100644
--- a/i18n/fr/photo-management.md
+++ b/i18n/fr/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/fr/tools.md b/i18n/fr/tools.md
index 21106331..aed74e1e 100644
--- a/i18n/fr/tools.md
+++ b/i18n/fr/tools.md
@@ -673,6 +673,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/he/basics/vpn-overview.md b/i18n/he/basics/vpn-overview.md
index 91ec32fa..f024280e 100644
--- a/i18n/he/basics/vpn-overview.md
+++ b/i18n/he/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/he/desktop-browsers.md b/i18n/he/desktop-browsers.md
index 0c0a5a52..86977528 100644
--- a/i18n/he/desktop-browsers.md
+++ b/i18n/he/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/he/email.md b/i18n/he/email.md
index 26e7f58a..77284b10 100644
--- a/i18n/he/email.md
+++ b/i18n/he/email.md
@@ -317,7 +317,6 @@ Stalwart does **not** have an integrated webmail, so you will need to use it wit
- מצפין נתוני חשבון אימייל במצב מנוחה עם הצפנה ללא גישה.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- מאפשר למשתמשים להשתמש ב[שם דומיין](https://en.wikipedia.org/wiki/Domain_name) משלהם. שמות דומיין מותאמים אישית חשובים למשתמשים מכיוון שהם מאפשרים להם לתחזק את הסוכנות שלהם מהשירות, אם היא תהפוך לגרועה או תירכש על ידי חברה אחרת שאינה מתעדפת פרטיות.
- פועל על תשתית בבעלות, כלומר לא בנוי על ספקי שירותי דואר אלקטרוני של צד שלישי.
**המקרה הטוב ביותר:**
@@ -328,8 +327,9 @@ Stalwart does **not** have an integrated webmail, so you will need to use it wit
- תמיכה בתיבת דואר זמנית למשתמשים חיצוניים. פעולה זו שימושית כאשר ברצונך לשלוח דוא"ל מוצפן, מבלי לשלוח עותק בפועל לנמען שלך. למיילים אלה יש בדרך כלל תוחלת חיים מוגבלת ולאחר מכן נמחקות אוטומטית. הם גם לא דורשים מהנמען להגדיר שום קריפטוגרפיה כמו OpenPGP.
- זמינות שירותי ספק הדואר האלקטרוני באמצעות [שירות onion](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). שמות דומיין מותאמים אישית חשובים למשתמשים מכיוון שהם מאפשרים להם לתחזק את הסוכנות שלהם מהשירות, אם היא תהפוך לגרועה או תירכש על ידי חברה אחרת שאינה מתעדפת פרטיות.
- Catch-all or alias functionality for those who use their own domains.
-- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). פרוטוקולי גישה סטנדרטיים מבטיחים שלקוחות יכולים להוריד בקלות את כל האימייל שלהם, אם הם רוצים לעבור לספק אחר.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### פרטיות
diff --git a/i18n/he/photo-management.md b/i18n/he/photo-management.md
index 40bdef29..912a9758 100644
--- a/i18n/he/photo-management.md
+++ b/i18n/he/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/he/tools.md b/i18n/he/tools.md
index 8b51eaab..09cf96a2 100644
--- a/i18n/he/tools.md
+++ b/i18n/he/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/hi/basics/vpn-overview.md b/i18n/hi/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/hi/basics/vpn-overview.md
+++ b/i18n/hi/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/hi/desktop-browsers.md b/i18n/hi/desktop-browsers.md
index c0b9ec01..4c6d58aa 100644
--- a/i18n/hi/desktop-browsers.md
+++ b/i18n/hi/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/hi/email.md b/i18n/hi/email.md
index 09d10245..bb6bba2c 100644
--- a/i18n/hi/email.md
+++ b/i18n/hi/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/hi/photo-management.md b/i18n/hi/photo-management.md
index d7447180..c6486221 100644
--- a/i18n/hi/photo-management.md
+++ b/i18n/hi/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/hi/tools.md b/i18n/hi/tools.md
index 7c7e1fec..c3d7ba14 100644
--- a/i18n/hi/tools.md
+++ b/i18n/hi/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/hu/basics/vpn-overview.md b/i18n/hu/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/hu/basics/vpn-overview.md
+++ b/i18n/hu/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/hu/desktop-browsers.md b/i18n/hu/desktop-browsers.md
index ed7ba08b..10a6b5dd 100644
--- a/i18n/hu/desktop-browsers.md
+++ b/i18n/hu/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/hu/email.md b/i18n/hu/email.md
index f5c8ae99..c0b0e905 100644
--- a/i18n/hu/email.md
+++ b/i18n/hu/email.md
@@ -317,7 +317,6 @@ Ezeket a funkciókat fontosnak tartjuk a biztonságos és optimális szolgáltat
- Az email fiókok adatai alapértelmezetten zéró hozzáféréssel legyenek titkosítva.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Lehetővé teszi a felhasználók számára, hogy saját [domainnevüket](https://en.wikipedia.org/wiki/Domain_name) használják. Az egyéni domain nevek azért fontosak a felhasználók számára, mert lehetővé teszik számukra, hogy megőrizzék a függetlenedési képességüket a szolgáltatástól, ha az rosszra fordulna, vagy ha egy másik vállalat felvásárolná, amely nem helyezi előtérbe az adatvédelmet.
- Saját infrastruktúrán működik, azaz nem harmadik féltől származó e-mail szolgáltatóra épül.
**Legjobb esetben:**
@@ -328,8 +327,9 @@ Ezeket a funkciókat fontosnak tartjuk a biztonságos és optimális szolgáltat
- Ideiglenes postafiók támogatása külső felhasználók számára. Ez akkor hasznos, ha titkosított e-mailt szeretne küldeni anélkül, hogy a címzettnek tényleges másolatot küldene. Ezek az e-mailek általában korlátozott élettartamúak, majd automatikusan törlődnek. A címzettnek nem kell semmilyen titkosítást konfigurálnia, mint az OpenPGP esetében.
- Az emailszolgáltató weboldalának elérhetősége egy [.onion szolgáltatáson](https://en.wikipedia.org/wiki/.onion) keresztül.
- Az [alcímzés](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) támogatása.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Az egyéni domain nevek azért fontosak a felhasználók számára, mert lehetővé teszik számukra, hogy megőrizzék a függetlenedési képességüket a szolgáltatástól, ha az rosszra fordulna, vagy ha egy másik vállalat felvásárolná, amely nem helyezi előtérbe az adatvédelmet.
- Catch-all or alias functionality for those who use their own domains.
-- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). A szabványos hozzáférési protokollok biztosítják, hogy az ügyfelek könnyen letölthessék az összes e-mailjüket, ha másik szolgáltatóhoz szeretnének váltani.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### Adatvédelem
diff --git a/i18n/hu/photo-management.md b/i18n/hu/photo-management.md
index 8e18e5cc..8daa3827 100644
--- a/i18n/hu/photo-management.md
+++ b/i18n/hu/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/hu/tools.md b/i18n/hu/tools.md
index 67750c30..3c16b412 100644
--- a/i18n/hu/tools.md
+++ b/i18n/hu/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/id/basics/vpn-overview.md b/i18n/id/basics/vpn-overview.md
index 42b46126..6486f16d 100644
--- a/i18n/id/basics/vpn-overview.md
+++ b/i18n/id/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/id/desktop-browsers.md b/i18n/id/desktop-browsers.md
index 4d3aaac0..7473951f 100644
--- a/i18n/id/desktop-browsers.md
+++ b/i18n/id/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/id/email.md b/i18n/id/email.md
index 5e3c0852..e4342441 100644
--- a/i18n/id/email.md
+++ b/i18n/id/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Kasus Terbaik:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/id/photo-management.md b/i18n/id/photo-management.md
index c9e017a6..2e356d5b 100644
--- a/i18n/id/photo-management.md
+++ b/i18n/id/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/id/tools.md b/i18n/id/tools.md
index 9855b79c..0ebe8deb 100644
--- a/i18n/id/tools.md
+++ b/i18n/id/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/it/basics/vpn-overview.md b/i18n/it/basics/vpn-overview.md
index 42ff1e4a..5fe84159 100644
--- a/i18n/it/basics/vpn-overview.md
+++ b/i18n/it/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Di recente, sono stati compiuti alcuni tentativi da varie organizzazioni, per ri
I Ripetitori Multiparte (MPR) sono più nodi di proprietà di parti differenti, tali che nessuna parte individuale conosca chi sei e a chi ti stai collegando. Questa è l'idea fondamentale dietro Tor, tuttavia, ora esistono servizi a pagamento che provano a emulare tale modello.
-I MPR cercano di risolvere un problema inerente alle VPN: il fatto che devi affidarti completamente a esse. Compiono tale obiettivo segmentando le responsabilità tra due o più aziende differenti. Ad esempio, il Ripetitore Privato di Apple iCloud+, indirizza il tuo traffico attraverso due server:
+I MPR cercano di risolvere un problema inerente alle VPN: il fatto che devi affidarti completamente a esse. Compiono tale obiettivo segmentando le responsabilità tra due o più aziende differenti.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Prima di tutto, un server gestito da Apple.
@@ -101,15 +103,15 @@ I MPR cercano di risolvere un problema inerente alle VPN: il fatto che devi affi
In realtà, questo server effettua la connessione al tuo sito web di destinazione, ma non ha alcuna conoscenza del tuo dispositivo. Il solo indirizzo IP che conosce è quello del server di Apple.
-Altri MPR operati da aziende differenti, come Google o INVISV, operano in un modo molto simile. Questa protezione tramite la segmentazione esiste soltanto se ti fidi del fatto che le due aziende non colludano tra loro per deanonimizzarti.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### VPN Decentralizzate
-Un altro tentativo di risoluzione dei poblemi con i servizi VPN centralizzati, sono le dVPN. Questi, si basano sulla tecnologia della blockchain e pretendono di eliminare la fiducia in una singola parte, distribuendo i nodi tra molte persone differenti. Tuttavia, molte volte una dVPN si affiderà predefinitamente a un singolo nodo, a significare che dovrai affidarti completamente a esso, proprio come in una VPN tradizionale. A differenza della VPN tradizionale, quel nodo che può visualizzare tutto il tuo traffico è una persona casuale, invece del fornitore della tua VPN, che può essere controllata e ha responsabilità legali per quanto concerne la tutela della privacy. Per risolvere questo problema, è necessario il salto multiplo, che però ha un costo in termini di stabilità e prestazioni.
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
-Un'altra considerazione riguarda la responsabilità legale. Il nodo d'uscita dovrà affrontare dei problemi legali dall'utilizzo improprio della rete, un problema con cui la rete di Tor ha dovuto confrontarsi per la propria intera esistenza. Ciò scoraggia le persone regolari dall'operare nodi e rende più interessante, per un malintenzionato fornito di molte risorse, ospitarne uno. Questo è un grande problema se il servizio è a nodo singolo, poiché il nodo d'uscita potenzialmente malintenzionato, può vedere chi sei e a cosa ti stai connettendo.
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
-Molte dVPN sono utilizzate per spingere una criptovaluta, piuttosto che per offrire il servizio migliore. Inoltre, tendono a essere reti più piccole con meno nodi, rendendole più vulnerabili agli [attacchi Sybil](https://en.wikipedia.org/wiki/Sybil_attack).
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Informazioni correlate alle VPN
diff --git a/i18n/it/desktop-browsers.md b/i18n/it/desktop-browsers.md
index a421ed6c..f1828567 100644
--- a/i18n/it/desktop-browsers.md
+++ b/i18n/it/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave consente di selezionare filtri aggiuntivi per i contenuti nella pagina int
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizzazione alla chiusura
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/it/email.md b/i18n/it/email.md
index 0fcff375..4dd9ca2b 100644
--- a/i18n/it/email.md
+++ b/i18n/it/email.md
@@ -317,7 +317,6 @@ Consideriamo queste funzionalità come importanti per poter fornire un servizio
- Crittografia dei dati degli account email a riposo con crittografia ad "accesso zero".
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Consente agli utenti di utilizzare il proprio [nome di dominio](https://en.wikipedia.org/wiki/Domain_name). I nomi di dominio personalizzati sono importanti per gli utenti, poiché consentono loro di mantenere la propria autonomia dal servizio, dovesse diventare negativo o essere acquisito da un'altra azienda che non dà priorità alla privacy.
- Opera su un'infrastruttura proprietaria, cioè, non basata su fornitori del servizio email di terze parti.
**Miglior Caso:**
@@ -328,8 +327,9 @@ Consideriamo queste funzionalità come importanti per poter fornire un servizio
- Supporto per una casella temporanea per gli utenti esterni. Questo è utile quando desideri inviare un'email crittografata, senza inviare una copia effettiva al tuo destinatario. Queste email, solitamente, hanno una durata limitata, prima di essere eliminate automaticamente. Inoltre, non richiedono al destinatario di configurare alcuna crittografia, come OpenPGP.
- Disponibilità dei servizi del fornitore email tramite un [servizio onion](https://en.wikipedia.org/wiki/.onion).
- Supporto per il [sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing).
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). I nomi di dominio personalizzati sono importanti per gli utenti, poiché consentono loro di mantenere la propria autonomia dal servizio, dovesse diventare negativo o essere acquisito da un'altra azienda che non dà priorità alla privacy.
- Catch-all or alias functionality for those who use their own domains.
-- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). I protocolli d'accesso standard assicurano ai clienti di scaricare facilmente tutte le proprie email, qualora dovessero passare a un altro fornitore.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### Privacy
diff --git a/i18n/it/photo-management.md b/i18n/it/photo-management.md
index e018cd66..b3d97e5f 100644
--- a/i18n/it/photo-management.md
+++ b/i18n/it/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** è un servizio di backup delle foto crittografato end-to-end che supporta i backup automatici su iOS e Android. Il loro codice è completamente open source, sia dal lato del client che del server. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** è un servizio di backup delle foto crittografato end-to-end che supporta i backup automatici su iOS e Android. Il loro codice è completamente open source, sia dal lato del client che del server. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/it/tools.md b/i18n/it/tools.md
index bf91d55f..865c4598 100644
--- a/i18n/it/tools.md
+++ b/i18n/it/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/ja/basics/vpn-overview.md b/i18n/ja/basics/vpn-overview.md
index e7224e34..5ceacb37 100644
--- a/i18n/ja/basics/vpn-overview.md
+++ b/i18n/ja/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,13 +103,13 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### 分散型VPN
Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
-もう一つ考慮すべきは、法的責任です。 The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
diff --git a/i18n/ja/desktop-browsers.md b/i18n/ja/desktop-browsers.md
index 92674541..b80cba49 100644
--- a/i18n/ja/desktop-browsers.md
+++ b/i18n/ja/desktop-browsers.md
@@ -318,15 +318,6 @@ Braveの[シールド](https://support.brave.com/hc/articles/360022973471-What-i
1. V8オプティマイザーを無効にすることでJavaScriptの実行時(JIT)コンパイルの[*一部*](https://grapheneos.social/@GrapheneOS/112708049232710156)を無効化し、アタックサーフェスを減らすことができます。
-
-
終了時のクリーンアップ
-
-- [x] *サイトとシールドの設定* → *コンテンツ* → *その他のコンテンツの設定* → *デバイス上のサイトデータ*から**すべてのウィンドウを閉じるときに、サイトによりデバイスに保存されたデータを削除する**を選択。
-
-よく見る特定のサイトのログインを維持したい場合、*動作のカスタマイズ*からサイトごとに例外を設定することができます。
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/ja/email.md b/i18n/ja/email.md
index 7a8a1f3f..33a432c9 100644
--- a/i18n/ja/email.md
+++ b/i18n/ja/email.md
@@ -317,7 +317,6 @@ Stalwartにはウェブメールが**ない**ため、[専用のEメールクラ
- ゼロアクセス暗号化によりEメールアカウントのデータを暗号化していること。
- [Mbox](https://en.wikipedia.org/wiki/Mbox)もしくは[RFC5322](https://datatracker.ietf.org/doc/rfc5322)に基づいた個別の.EMLファイルとしてエクスポートできること。
-- ユーザーの独自[ドメイン名](https://en.wikipedia.org/wiki/Domain_name)が利用できること。 プロバイダーが悪化したり、プライバシーを重視しない他の会社に買収されたりした場合に備えることができるため、カスタムドメイン名はユーザーにとって非常に重要である。
- 自社所有のインフラで運用されていること。第三者のEメールサービスプロバイダーによるサービス提供ではないこと。
**満たされることが望ましい基準:**
@@ -328,8 +327,9 @@ Stalwartにはウェブメールが**ない**ため、[専用のEメールクラ
- 外部ユーザー用の一時的なメールボックスがあること。 受信者に実際のメールのコピーを送るのではなく、暗号化されたメールを送る際に役立ちます。 通常の場合、一時的なメールボックスのメールには期限があり、自動的に削除されます。 また、受信者はOpenPGPのような暗号化を設定する必要がありません。
- [.onionサービス](https://en.wikipedia.org/wiki/.onion)経由でEメールプロバイダーのサービスが利用できること。
- [サブアドレス](https://en.wikipedia.org/wiki/Email_address#Sub-addressing)に対応していること。
-- 独自ドメインを利用した際、キャッチオール機能もしくはエイリアス機能があること。
-- IMAP、SMTPや[JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol)などの標準的なEメールプロトコルを使用していること。 標準的なプロトコルを採用していることで、他のプロバイダーへ変更する際にすべてのメールを簡単にダウンロードすることができます。
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). プロバイダーが悪化したり、プライバシーを重視しない他の会社に買収されたりした場合に備えることができるため、カスタムドメイン名はユーザーにとって非常に重要である。
+- Catch-all or alias functionality for those who use their own domains.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### プライバシー
diff --git a/i18n/ja/photo-management.md b/i18n/ja/photo-management.md
index 36892137..3833b2b9 100644
--- a/i18n/ja/photo-management.md
+++ b/i18n/ja/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ja/tools.md b/i18n/ja/tools.md
index 9207e3e3..a966acbe 100644
--- a/i18n/ja/tools.md
+++ b/i18n/ja/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/ko/basics/vpn-overview.md b/i18n/ko/basics/vpn-overview.md
index 6f851849..e7cd09b9 100644
--- a/i18n/ko/basics/vpn-overview.md
+++ b/i18n/ko/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,15 +103,15 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
-Another consideration is legal liability. 출구 노드는 네트워크 오용으로 인한 법적 문제를 해결해야 하며, 이는 Tor 네트워크가 존재해온 내내 논란이 되어온 문제입니다. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
-많은 dVPN이 최고의 서비스를 제공하기보다는 암호화폐를 홍보하는 데 사용됩니다. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## VPN 관련 추가 정보
diff --git a/i18n/ko/desktop-browsers.md b/i18n/ko/desktop-browsers.md
index 7d8c6bd2..426b3edc 100644
--- a/i18n/ko/desktop-browsers.md
+++ b/i18n/ko/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/ko/email.md b/i18n/ko/email.md
index ec9c3cf6..ac897d2d 100644
--- a/i18n/ko/email.md
+++ b/i18n/ko/email.md
@@ -317,7 +317,6 @@ Stalwart does **not** have an integrated webmail, so you will need to use it wit
- Zero Access Encryption을 통해 이메일 계정 데이터를 암호화해야 합니다.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- 사용자가 자신의 [도메인 이름](https://en.wikipedia.org/wiki/Domain_name)을 사용할 수 있어야 합니다. 사용자 지정 도메인 이름은 서비스가 부실해지거나 프라이버시 보호를 우선시하지 않는 다른 회사에 인수되는 경우에도 에이전시를 유지할 수 있도록 해주기 때문에 사용자에게 중요합니다.
- 자체 인프라에서 운영되어야 합니다. 다른 이메일 서비스 제공 업체의 인프라를 기반으로 만들어진 서비스여선 안 됩니다.
**우대 사항:**
@@ -328,8 +327,9 @@ Stalwart does **not** have an integrated webmail, so you will need to use it wit
- 외부 사용자를 위해 임시 메일함을 지원해야 합니다. 수신자에게 실제 사본을 보내지 않고 암호화된 이메일을 보내고자 할 때 유용합니다. 이러한 이메일은 보통 수명이 제한돼 있으며 이후 자동으로 삭제됩니다. 수신자가 OpenPGP 등의 암호화를 설정할 필요가 없습니다.
- [Onion 서비스](https://en.wikipedia.org/wiki/.onion)를 통해 이메일 서비스를 이용할 수 있어야 합니다.
- [하위 주소](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) 지원.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). 사용자 지정 도메인 이름은 서비스가 부실해지거나 프라이버시 보호를 우선시하지 않는 다른 회사에 인수되는 경우에도 에이전시를 유지할 수 있도록 해주기 때문에 사용자에게 중요합니다.
- Catch-all or alias functionality for those who use their own domains.
-- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). 표준 액세스 프로토콜을 사용함으로써, 사용자는 다른 서비스 제공 업체로 전환하고자 할 경우 모든 이메일을 쉽게 다운로드할 수 있습니다.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### 프라이버시
diff --git a/i18n/ko/photo-management.md b/i18n/ko/photo-management.md
index 1e39df3d..e764e60d 100644
--- a/i18n/ko/photo-management.md
+++ b/i18n/ko/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ko/tools.md b/i18n/ko/tools.md
index 629de2d2..d4e617f7 100644
--- a/i18n/ko/tools.md
+++ b/i18n/ko/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/ku-IQ/basics/vpn-overview.md b/i18n/ku-IQ/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/ku-IQ/basics/vpn-overview.md
+++ b/i18n/ku-IQ/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/ku-IQ/desktop-browsers.md b/i18n/ku-IQ/desktop-browsers.md
index c0b9ec01..4c6d58aa 100644
--- a/i18n/ku-IQ/desktop-browsers.md
+++ b/i18n/ku-IQ/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/ku-IQ/email.md b/i18n/ku-IQ/email.md
index 074257d6..b4716b33 100644
--- a/i18n/ku-IQ/email.md
+++ b/i18n/ku-IQ/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/ku-IQ/photo-management.md b/i18n/ku-IQ/photo-management.md
index d7447180..c6486221 100644
--- a/i18n/ku-IQ/photo-management.md
+++ b/i18n/ku-IQ/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ku-IQ/tools.md b/i18n/ku-IQ/tools.md
index c0b81098..c2f37359 100644
--- a/i18n/ku-IQ/tools.md
+++ b/i18n/ku-IQ/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/nl/basics/vpn-overview.md b/i18n/nl/basics/vpn-overview.md
index 0d62aaf6..e80c2882 100644
--- a/i18n/nl/basics/vpn-overview.md
+++ b/i18n/nl/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/nl/desktop-browsers.md b/i18n/nl/desktop-browsers.md
index da8cd2d1..f178d043 100644
--- a/i18n/nl/desktop-browsers.md
+++ b/i18n/nl/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/nl/email.md b/i18n/nl/email.md
index 967e69b9..2b114f39 100644
--- a/i18n/nl/email.md
+++ b/i18n/nl/email.md
@@ -317,7 +317,6 @@ Wij beschouwen deze kenmerken als belangrijk om een veilige en optimale dienst t
- Versleutelt e-mail accountgegevens in rust met zero-access encryptie.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Sta gebruikers toe hun eigen [domeinnaam te gebruiken](https://en.wikipedia.org/wiki/Domain_name). Aangepaste domeinnamen zijn belangrijk voor gebruikers omdat ze zo hun agentschap van de dienst kunnen behouden, mocht het slecht aflopen of overgenomen worden door een ander bedrijf dat privacy niet hoog in het vaandel heeft staan.
- Werkt op eigen infrastructuur, d.w.z. niet gebaseerd op e-mail service providers van derden.
**Beste geval:**
@@ -328,8 +327,9 @@ Wij beschouwen deze kenmerken als belangrijk om een veilige en optimale dienst t
- Ondersteuning voor een tijdelijke mailbox voor externe gebruikers. Dit is handig wanneer je een versleutelde e-mail wilt verzenden, zonder een echte kopie naar jouw ontvanger te sturen. Deze e-mails hebben meestal een beperkte levensduur en worden daarna automatisch verwijderd. Zij vereisen ook niet dat de ontvanger cryptografie configureert zoals OpenPGP.
- Beschikbaarheid van de diensten van de e-mailprovider via een [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Aangepaste domeinnamen zijn belangrijk voor gebruikers omdat ze zo hun agentschap van de dienst kunnen behouden, mocht het slecht aflopen of overgenomen worden door een ander bedrijf dat privacy niet hoog in het vaandel heeft staan.
- Catch-all or alias functionality for those who use their own domains.
-- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standaard toegangsprotocollen zorgen ervoor dat klanten al hun e-mail gemakkelijk kunnen downloaden, mochten zij naar een andere provider willen overstappen.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### Privacy
diff --git a/i18n/nl/photo-management.md b/i18n/nl/photo-management.md
index 3d08cefd..b8f170c4 100644
--- a/i18n/nl/photo-management.md
+++ b/i18n/nl/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/nl/tools.md b/i18n/nl/tools.md
index 07682b59..e1b02180 100644
--- a/i18n/nl/tools.md
+++ b/i18n/nl/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/pl/basics/vpn-overview.md b/i18n/pl/basics/vpn-overview.md
index b96cc2de..6361c59d 100644
--- a/i18n/pl/basics/vpn-overview.md
+++ b/i18n/pl/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/pl/desktop-browsers.md b/i18n/pl/desktop-browsers.md
index 4cc003f2..4dc348ce 100644
--- a/i18n/pl/desktop-browsers.md
+++ b/i18n/pl/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/pl/email.md b/i18n/pl/email.md
index cd01a244..c4ccef3c 100644
--- a/i18n/pl/email.md
+++ b/i18n/pl/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/pl/photo-management.md b/i18n/pl/photo-management.md
index 1078632e..ecf63b46 100644
--- a/i18n/pl/photo-management.md
+++ b/i18n/pl/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pl/tools.md b/i18n/pl/tools.md
index 707fb6d0..b1527c03 100644
--- a/i18n/pl/tools.md
+++ b/i18n/pl/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/pt-BR/basics/vpn-overview.md b/i18n/pt-BR/basics/vpn-overview.md
index 7b228355..6e6924f3 100644
--- a/i18n/pt-BR/basics/vpn-overview.md
+++ b/i18n/pt-BR/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recentemente, várias organizações fizeram algumas tentativas para resolver al
Os MPRs (Multi-Party Relays) usam vários nós pertencentes a diferentes partes, de modo que nenhuma parte individual saiba quem você é e a que está se conectando. Essa é a ideia básica por trás do Tor, mas agora existem alguns serviços pagos que tentam emular esse modelo.
-As MPRs buscam resolver um problema inerente às VPNs: o fato de que você precisa confiar totalmente nelas. Eles atingem esse objetivo segmentando as responsabilidades entre duas ou mais empresas diferentes. Por exemplo, o iCloud+ Private Relay da Apple roteia seu tráfego por dois servidores:
+As MPRs buscam resolver um problema inerente às VPNs: o fato de que você precisa confiar totalmente nelas. Eles atingem esse objetivo segmentando as responsabilidades entre duas ou mais empresas diferentes.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Em primeiro lugar, um servidor operado pela Apple.
@@ -101,15 +103,15 @@ As MPRs buscam resolver um problema inerente às VPNs: o fato de que você preci
Esse servidor realmente faz a conexão com o site de destino, mas não tem conhecimento do seu dispositivo. O único endereço IP que ele conhece é o do servidor da Apple.
-Outros MPRs administrados por empresas diferentes, como o Google ou o INVISV, operam de maneira muito semelhante. Essa proteção por segmentação só existe se você confiar que às duas empresas não farão conluio entre si para anonimizar você.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### VPNs descentralizadas
-Outra tentativa de resolver os problemas com serviços de VPN centralizados são as dVPNs. Eles se baseiam na tecnologia “blockchain” e afirmam eliminar a confiança em uma única parte, distribuindo os nós entre várias pessoas diferentes. No entanto, muitas vezes uma dVPN terá como padrão um único nó, o que significa que você precisa confiar totalmente nesse nó, assim como em uma VPN tradicional. Diferentemente de uma VPN tradicional, esse único nó que pode ver todo o seu tráfego é uma pessoa aleatória, em vez de seu provedor de VPN, que pode ser auditado e tem responsabilidades legais para manter sua política de privacidade. Para solucionar esse problema, é necessário um salto múltiplo, mas isso tem um custo de estabilidade e desempenho.
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
-Outra consideração é a responsabilidade jurídica. O nó de saída precisará lidar com problemas legais decorrentes do uso indevido da rede, uma questão com a qual a rede Tor tem lutado durante toda a sua existência. Isso desencoraja as pessoas comuns de rodar nós e o torna mais atraente para um ator malicioso com muitos recursos para hospedar um. Esse é um grande problema se o serviço for de nó único, pois o nó de saída potencialmente mal-intencionado pode ver quem você é e a que está se conectando.
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
-Muitas dVPNs são usadas para promover uma criptomoeda em vez de oferecer o melhor serviço. Elas também tendem a ser redes menores, com menos nós, o que as torna mais vulneráveis a [ataques Sybil](https://en.wikipedia.org/wiki/Sybil_attack).
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Informações Relacionadas a VPN
diff --git a/i18n/pt-BR/desktop-browsers.md b/i18n/pt-BR/desktop-browsers.md
index f1ab917d..9fb9f173 100644
--- a/i18n/pt-BR/desktop-browsers.md
+++ b/i18n/pt-BR/desktop-browsers.md
@@ -322,15 +322,6 @@ O Brave permite que você selecione filtros de conteúdo adicionais na página i
1. A desativação do otimizador V8 reduz sua superfície de ataque ao desativar [*algumas*](https://grapheneos.social/@GrapheneOS/112708049232710156) partes da compilação Just-In-Time (JIT) do JavaScript.
-
-
Sanitarizando ao fechar
-
-— x] Selecione **Delete os dados que os sites salvaram no seu dispositivo ao fechar todas as janelas** em *Configurações de sites e Shields* → *Conteúdo* → *Configurações adicionais de conteúdo* → *dados de sites no dispositivo*.
-
-Se desejar permanecer conectado a um site específico que visita com frequência, é possível definir exceções por site na seção *Comportamentos personalizados*.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/pt-BR/email.md b/i18n/pt-BR/email.md
index 79ac72e5..2fd849a8 100644
--- a/i18n/pt-BR/email.md
+++ b/i18n/pt-BR/email.md
@@ -317,7 +317,6 @@ Consideramos esses recursos importantes para fornecer um serviço seguro e otimi
- Criptografa os dados da conta de e-mail em repouso com criptografia de acesso zero.
- Função "Exportar como" para os formatos [Mbox](https://en.wikipedia.org/wiki/Mbox) ou arquivos .eml individuais no padrão [RFC5322](https://datatracker.ietf.org/doc/rfc5322).
-- Permite que os usuários usem seu próprio [nome de domínio](https://en.wikipedia.org/wiki/Domain_name). Nomes de domínio personalizados são importantes para os usuários, porque lhes permite manter sua agência a partir do serviço. Deve piorar ou ser adquirido por outra empresa que não priorize a privacidade.
- Opera em uma infraestrutura própria, ou seja, não é baseada em provedores de serviços de e-mail de terceiros.
**Melhor Caso:**
@@ -328,8 +327,9 @@ Consideramos esses recursos importantes para fornecer um serviço seguro e otimi
- Suporte para uma caixa de correio temporária para usuários externos. Isso é útil quando você deseja enviar um e-mail criptografado sem enviar uma cópia real para o seu destinatário. Estes e-mails geralmente têm um tempo de vida limitado e depois são automaticamente excluídos. Eles também não exigem que o destinatário configure nenhuma criptografia, como o OpenPGP.
- Disponibilidade do site do provedor de serviços de e-mail em um [serviço onion](https://en.wikipedia.org/wiki/.onion).
- Suporte a [subendereçamento](https://en.wikipedia.org/wiki/Email_address#Sub-addressing).
-- Funcionalidade de alias ou catch-all para aqueles que usam seus próprios domínios.
-- Uso de protocolos padrão de acesso a e-mail, como IMAP, SMTP ou [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Os protocolos de acesso padrão garantem que os clientes possam baixar facilmente todos os seus e-mails, caso queiram mudar para outro provedor.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Nomes de domínio personalizados são importantes para os usuários, porque lhes permite manter sua agência a partir do serviço. Deve piorar ou ser adquirido por outra empresa que não priorize a privacidade.
+- Catch-all or alias functionality for those who use their own domains.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### Privacidade
diff --git a/i18n/pt-BR/photo-management.md b/i18n/pt-BR/photo-management.md
index 690f6677..e637060e 100644
--- a/i18n/pt-BR/photo-management.md
+++ b/i18n/pt-BR/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt-BR/tools.md b/i18n/pt-BR/tools.md
index 069dc6db..b64000f7 100644
--- a/i18n/pt-BR/tools.md
+++ b/i18n/pt-BR/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/pt/basics/vpn-overview.md b/i18n/pt/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/pt/basics/vpn-overview.md
+++ b/i18n/pt/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/pt/desktop-browsers.md b/i18n/pt/desktop-browsers.md
index dcc5fefb..149cfd11 100644
--- a/i18n/pt/desktop-browsers.md
+++ b/i18n/pt/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/pt/email.md b/i18n/pt/email.md
index 119b6868..224b567a 100644
--- a/i18n/pt/email.md
+++ b/i18n/pt/email.md
@@ -317,7 +317,6 @@ Consideramos que estas características são importantes para podermos prestar u
- Encriptação de todos os dados da conta de e-mail em estado de repouso, com encriptação de acesso zero.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Permitir que aos utilizadores configurar o seu próprio nome de domínio [](https://en.wikipedia.org/wiki/Domain_name). Os nomes de domínio personalizados são importantes para os utilizadores, porque lhes permitem manter a sua agência do serviço, caso este se torne mau ou seja adquirido por outra empresa que não dê prioridade à privacidade.
- Funciona com uma infraestrutura própria, isto é, não se baseia em fornecedores de serviços de e-mail de terceiros.
**Melhor caso:**
@@ -328,8 +327,9 @@ Consideramos que estas características são importantes para podermos prestar u
- Suporte para uma caixa de correio temporária para utilizadores externos. Isto é útil quando se pretende enviar uma mensagem de e-mail encriptada, sem enviar uma cópia real ao destinatário. Estas mensagens de e-mail têm normalmente um tempo de vida limitado e depois são automaticamente eliminadas. Também não requerem que o destinatário configure qualquer criptografia como o OpenPGP.
- Disponibilidade dos serviços do fornecedor de e-mail através de um serviço onion [](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Os nomes de domínio personalizados são importantes para os utilizadores, porque lhes permitem manter a sua agência do serviço, caso este se torne mau ou seja adquirido por outra empresa que não dê prioridade à privacidade.
- Catch-all or alias functionality for those who use their own domains.
-- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Os protocolos de acesso normalizados garantem que os clientes podem transferir facilmente todo o seu e-mail, caso pretendam mudar para outro fornecedor.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### Privacidade
diff --git a/i18n/pt/photo-management.md b/i18n/pt/photo-management.md
index 7d83c4e8..1af4bd4e 100644
--- a/i18n/pt/photo-management.md
+++ b/i18n/pt/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt/tools.md b/i18n/pt/tools.md
index 6993a6fd..3ace3f24 100644
--- a/i18n/pt/tools.md
+++ b/i18n/pt/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/ru/basics/vpn-overview.md b/i18n/ru/basics/vpn-overview.md
index a3615ada..8c043fcb 100644
--- a/i18n/ru/basics/vpn-overview.md
+++ b/i18n/ru/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/ru/desktop-browsers.md b/i18n/ru/desktop-browsers.md
index c33dec8a..04a0a536 100644
--- a/i18n/ru/desktop-browsers.md
+++ b/i18n/ru/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Отключение оптимизатора V8 уменьшает площадь атаки за счет отключения [*некоторых*](https://grapheneos.social/@GrapheneOS/112708049232710156) частей компиляции JavaScript Just-In-Time (JIT).
-
-
Отчистка при закрытии
-
-- [x] Выберите **Удалять данные сайтов, сохранённые на устройстве, при закрытии всех окон** в *Настройки сайта и Shields* → *Контент* → *Дополнительные настройки контента* → *Данные сайтов, сохранённые на устройстве*.
-
-Если вы хотите оставаться залогиненным на сайте, который часто посещаете, вы можете настроить исключения для каждого ресурса, кликнув на значок щита в адресной строке.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/ru/email.md b/i18n/ru/email.md
index 2f948967..2920853d 100644
--- a/i18n/ru/email.md
+++ b/i18n/ru/email.md
@@ -317,7 +317,6 @@ Stalwart does **not** have an integrated webmail, so you will need to use it wit
- Шифрует данные аккаунта электронной почты в состоянии покоя с помощью шифрования с нулевым доступом.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Разрешает пользователям использовать собственное [доменное имя](https://en.wikipedia.org/wiki/Domain_name). Пользовательские доменные имена важны для пользователей, поскольку позволяют им сохранить свое агентство от сервиса, если он окажется плохим или будет приобретен другой компанией, которая не уделяет приоритетного внимания конфиденциальности.
- Работает на собственной инфраструктуре, т.е. не опирается на сторонних провайдеров электронной почты.
**В лучшем случае:**
@@ -328,8 +327,9 @@ Stalwart does **not** have an integrated webmail, so you will need to use it wit
- Поддержка временного почтового ящика для внешних пользователей. Это полезно, когда вы хотите отправить зашифрованное сообщение электронной почты, не отправляя фактическую копию получателю. Такие письма обычно имеют ограниченный срок действия, а затем автоматически удаляются. Они также не требуют от получателя настройки какой-либо криптографии, как OpenPGP.
- Доступность услуг провайдера электронной почты через [службу .onion](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Пользовательские доменные имена важны для пользователей, поскольку позволяют им сохранить свое агентство от сервиса, если он окажется плохим или будет приобретен другой компанией, которая не уделяет приоритетного внимания конфиденциальности.
- Catch-all or alias functionality for those who use their own domains.
-- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Стандартные протоколы доступа обеспечивают клиентам возможность легко скачать всю свою электронную почту, если они захотят перейти к другому провайдеру.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### Конфиденциальность
diff --git a/i18n/ru/photo-management.md b/i18n/ru/photo-management.md
index 8ef4c45e..9c9de4e5 100644
--- a/i18n/ru/photo-management.md
+++ b/i18n/ru/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ru/tools.md b/i18n/ru/tools.md
index b3215dd5..69ebb17d 100644
--- a/i18n/ru/tools.md
+++ b/i18n/ru/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/sv/basics/vpn-overview.md b/i18n/sv/basics/vpn-overview.md
index 594ce67b..1ed75974 100644
--- a/i18n/sv/basics/vpn-overview.md
+++ b/i18n/sv/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/sv/desktop-browsers.md b/i18n/sv/desktop-browsers.md
index 86ef3d41..5a60fcfa 100644
--- a/i18n/sv/desktop-browsers.md
+++ b/i18n/sv/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/sv/email.md b/i18n/sv/email.md
index 4c38816d..f1c7c33e 100644
--- a/i18n/sv/email.md
+++ b/i18n/sv/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/sv/photo-management.md b/i18n/sv/photo-management.md
index bef92a47..45136e92 100644
--- a/i18n/sv/photo-management.md
+++ b/i18n/sv/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/sv/tools.md b/i18n/sv/tools.md
index 5f3fbac6..bf4835df 100644
--- a/i18n/sv/tools.md
+++ b/i18n/sv/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/tr/basics/vpn-overview.md b/i18n/tr/basics/vpn-overview.md
index 8174c515..892d12ba 100644
--- a/i18n/tr/basics/vpn-overview.md
+++ b/i18n/tr/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Son zamanlarda, merkezi VPN'lerin sahip olduğu bazı sorunları ele almak için
Çok Taraflı Aktarıcılar (MPR'ler) farklı taraflara ait birden fazla düğüm kullanır, böylece hiçbir taraf hem kim olduğunuzu hem de neye bağlandığınızı bilmez. Tor'un arkasındaki temel fikir budur, ancak şimdi bu modeli taklit etmeye çalışan bazı ücretli hizmetler var.
-MPR'ler VPN'lerin doğasında olan bir sorunu çözmeye çalışır: onlara tamamen güvenmeniz gerektiği gerçeği. Bu hedefe, sorumlulukları iki veya daha fazla farklı şirket arasında bölümlere ayırarak ulaşırlar. Örneğin, Apple'ın iCloud+ Özel Aktarımı trafiğinizi iki sunucu üzerinden yönlendirir:
+MPR'ler VPN'lerin doğasında olan bir sorunu çözmeye çalışır: onlara tamamen güvenmeniz gerektiği gerçeği. Bu hedefe, sorumlulukları iki veya daha fazla farklı şirket arasında bölümlere ayırarak ulaşırlar.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. İlk olarak, Apple tarafından işletilen bir sunucu.
@@ -101,15 +103,15 @@ MPR'ler VPN'lerin doğasında olan bir sorunu çözmeye çalışır: onlara tama
Bu sunucu aslında hedef web sitenize bağlantıyı yapar, ancak cihazınız hakkında hiçbir bilgisi yoktur. Bildiği tek IP adresi Apple'ın sunucusudur.
-Google veya INVISV gibi farklı şirketler tarafından işletilen diğer MPR'ler de benzer şekilde çalışmaktadır. Segmentasyon yoluyla sağlanan bu koruma, yalnızca iki şirketin sizi anonimleştirmek için birbirleriyle işbirliği yapmayacaklarına güveniyorsanız mevcuttur.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Merkezi Olmayan VPN'ler
-Merkezi VPN hizmetleriyle ilgili sorunları çözmeye yönelik bir başka girişim de dVPN'lerdir. Bunlar blok zinciri teknolojisine dayanır ve düğümleri birçok farklı kişiye dağıtarak tek bir tarafa olan güveni ortadan kaldırdığını iddia eder. Ancak, çoğu zaman bir dVPN varsayılan olarak tek bir düğüm kullanır, bu da tıpkı geleneksel VPN'lerde olduğu gibi bu düğüme tamamen güvenmeniz gerektiği anlamına gelir. Geleneksel bir VPN'den farklı olarak, tüm trafiğinizi görebilen bu tek düğüm, denetlenebilen ve gizlilik politikalarını sürdürmek için yasal sorumlulukları olan VPN sağlayıcınız yerine rastgele bir kişidir. Bunu çözmek için çoklu atlama gereklidir, ancak bu bir kararlılık ve performans maliyeti ile birlikte gelir.
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
-Bir diğer husus ise yasal sorumluluktur. Çıkış düğümünün, Tor ağının tüm varlığı boyunca mücadele ettiği bir konu olan, ağın kötüye kullanımından kaynaklanan yasal sorunlarla başa çıkması gerekecektir. Bu, sıradan insanları düğüm çalıştırmaktan caydırır ve çok fazla kaynağa sahip kötü niyetli bir aktör için düğüm barındırmayı daha cazip hale getirir. Hizmet tek düğümlü ise bu büyük bir sorundur, çünkü potansiyel olarak kötü niyetli çıkış düğümü kim olduğunuzu ve neye bağlandığınızı görebilir.
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
-Birçok dVPN, en iyi hizmeti vermekten ziyade bir kripto para birimini zorlamak için kullanılır. Ayrıca daha az düğüme sahip daha küçük ağlar olma eğilimindedirler, bu da onları [Sybil saldırılarına](https://en.wikipedia.org/wiki/Sybil_attack) karşı daha savunmasız hale getirir.
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## İlgili VPN Bilgileri
diff --git a/i18n/tr/desktop-browsers.md b/i18n/tr/desktop-browsers.md
index 3d1cc6b0..b9444bb6 100644
--- a/i18n/tr/desktop-browsers.md
+++ b/i18n/tr/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/tr/email.md b/i18n/tr/email.md
index 07bece3c..98f8b82a 100644
--- a/i18n/tr/email.md
+++ b/i18n/tr/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/tr/photo-management.md b/i18n/tr/photo-management.md
index a170739b..853db6ef 100644
--- a/i18n/tr/photo-management.md
+++ b/i18n/tr/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/tr/tools.md b/i18n/tr/tools.md
index a08ba3f5..c8fa112f 100644
--- a/i18n/tr/tools.md
+++ b/i18n/tr/tools.md
@@ -667,14 +667,15 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
-- { .twemoji loading=lazy } [Qubes OS (Xen VM Dağıtımı)](desktop.md#qubes-os)
-- { .twemoji loading=lazy } [Fedora Workstation](desktop.md#fedora-workstation)
-- { .twemoji loading=lazy } [openSUSE Tumbleweed](desktop.md#opensuse-tumbleweed)
-- { .twemoji loading=lazy } [Arch Linux](desktop.md#arch-linux)
-- { .twemoji loading=lazy } [Fedora Atomic Desktops](desktop.md#fedora-atomic-desktops)
+- { .twemoji loading=lazy } [Qubes OS (Xen VM Distribution)](desktop.md#qubes-os)
+- { .twemoji loading=lazy } [Fedora Workstation](desktop.md#fedora-workstation)
+- { .twemoji loading=lazy } [openSUSE Tumbleweed](desktop.md#opensuse-tumbleweed)
+- { .twemoji loading=lazy } [Arch Linux](desktop.md#arch-linux)
+- { .twemoji loading=lazy } [Fedora Atomic Desktops](desktop.md#fedora-atomic-desktops)
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
-- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/uk/basics/vpn-overview.md b/i18n/uk/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/uk/basics/vpn-overview.md
+++ b/i18n/uk/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/uk/desktop-browsers.md b/i18n/uk/desktop-browsers.md
index 23bfff4f..26538f43 100644
--- a/i18n/uk/desktop-browsers.md
+++ b/i18n/uk/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/uk/email.md b/i18n/uk/email.md
index ed671a6d..b8ebfd35 100644
--- a/i18n/uk/email.md
+++ b/i18n/uk/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/uk/photo-management.md b/i18n/uk/photo-management.md
index d7447180..c6486221 100644
--- a/i18n/uk/photo-management.md
+++ b/i18n/uk/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/uk/tools.md b/i18n/uk/tools.md
index 5105a787..962cd8bc 100644
--- a/i18n/uk/tools.md
+++ b/i18n/uk/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/vi/basics/vpn-overview.md b/i18n/vi/basics/vpn-overview.md
index f927b4b7..9c8d00c6 100644
--- a/i18n/vi/basics/vpn-overview.md
+++ b/i18n/vi/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/vi/desktop-browsers.md b/i18n/vi/desktop-browsers.md
index e5df9ad6..880a5cca 100644
--- a/i18n/vi/desktop-browsers.md
+++ b/i18n/vi/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/vi/email.md b/i18n/vi/email.md
index 26436513..604c8546 100644
--- a/i18n/vi/email.md
+++ b/i18n/vi/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/vi/photo-management.md b/i18n/vi/photo-management.md
index 85083e35..d8234450 100644
--- a/i18n/vi/photo-management.md
+++ b/i18n/vi/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/vi/tools.md b/i18n/vi/tools.md
index 92c20720..8432dacd 100644
--- a/i18n/vi/tools.md
+++ b/i18n/vi/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/zh-Hant/basics/vpn-overview.md b/i18n/zh-Hant/basics/vpn-overview.md
index 4c9fea01..5bc74ff8 100644
--- a/i18n/zh-Hant/basics/vpn-overview.md
+++ b/i18n/zh-Hant/basics/vpn-overview.md
@@ -91,7 +91,9 @@ It's important to remember that a VPN will not provide you with absolute anonymi
多方中繼 (MPR) 使用不同方的多個節點,這樣任何一方都不知道您是誰以及連接到什麼。 這是 Tor 背後的基本思想,現在有一些付費服務試圖模仿這種模式。
-MPR 試圖解決 VPN 固有的問題:用戶必須完全信任它們。 他們透過劃分兩個或多個不同公司間的責任來實現此目標。 例如,Apple 的 iCloud+ Private Relay 透過兩個伺服器路由流量:
+MPR 試圖解決 VPN 固有的問題:用戶必須完全信任它們。 他們透過劃分兩個或多個不同公司間的責任來實現此目標。
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. 首先是 Apple 營運的伺服器。
@@ -101,15 +103,15 @@ MPR 試圖解決 VPN 固有的問題:用戶必須完全信任它們。 他們
該伺服器實際上會連接到您的目標網站,但不知道您的裝置。 它知道的唯一 IP 位址是 Apple 伺服器 IP 位址。
-其他由 Google 或 INVISV 等公司經營的 MPR 運作也非常相似。 只有當相信這兩家公司不會串通對用戶進行去匿名化時,這種分段保護才存在。
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### 去中心化 VPN
-解決集中式 VPN 問題的另一個嘗試是 dVPN。 它們基於區塊鏈技術,聲稱透過將節點分佈在許多不同的人身上來消除對單一方的信任。 然而,很多時候 dVPN 預設為單一節點,這意味著需要完全信任該節點,就像傳統 VPN 一樣。 與傳統的 VPN 不同,這個可看到您所有流量的節點是隨機的而不是 VPN 提供者,後者可以被審核且承擔維護其隱私權政策的法律責任。 需要多跳來解決這個問題,但會帶來穩定性和效能成本問題。
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
-另一個考慮因素是法律責任。 出口節點需要處理網路濫用帶來的法律問題,這是 Tor 網路自誕生以來一直在處理的問題。 這會阻止一般人運行節點,並使擁有大量資源來託管節點的惡意行為者更具吸引力。 如果服務是單節點的,將是個大問題,因為潛在的惡意出口節點可以看到您是誰以及正在連接到什麼。
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
-許多 dVPN 被用在推送加密貨幣,而不是提供最好的服務。 它們往往是節點少的小型網路,更容易受到[女巫攻擊](https://en.wikipedia.org/wiki/Sybil_attack)。
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## VPN 相關資訊
diff --git a/i18n/zh-Hant/desktop-browsers.md b/i18n/zh-Hant/desktop-browsers.md
index 8aeeb805..e82bb317 100644
--- a/i18n/zh-Hant/desktop-browsers.md
+++ b/i18n/zh-Hant/desktop-browsers.md
@@ -318,15 +318,6 @@ Brave 允許您在內部網頁 brave://settings/shields/filters 內選擇額外
1. 停用 V8 最佳化工具可減少您的攻擊面。 停用[*部分*](https://grapheneos.social/@GrapheneOS/112708049232710156) JavaScript 即時 (JIT) 編譯的某些部分,從而降低您的攻擊面。
-
-
離開時清除資料
-
-- [x] 在*網站與 Shields 設定* → *內容* → *其他內容設定* → *網站在裝置端的資料* 底下選擇**在所有視窗關閉後刪除網站儲存到裝置的資料**。
-
-如果希望在經常造訪的特定網站上保持登入,可在 *自訂設定* 部分下針對各個網站設定例外。
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
雖然我們 [建議](os/linux-overview.md#release-cycle) 在大多數情況下不要將 Debian 等「永遠過時」的發行版用於桌上型電腦,但 Kicksecure 是一個以 Debian 為基礎的作業系統,它已添加遠超過一般 Linux 安裝的安全加固。
diff --git a/i18n/zh-Hant/email.md b/i18n/zh-Hant/email.md
index 2f2f443a..ca87b2cb 100644
--- a/i18n/zh-Hant/email.md
+++ b/i18n/zh-Hant/email.md
@@ -317,7 +317,6 @@ Stalwart does **not** have an integrated webmail, so you will need to use it wit
- 使用零存取加密技術全程加密電子郵件帳戶資料。
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- 允許使用者使用自己的[網域名稱](https://en.wikipedia.org/wiki/Domain_name)。 自定網域名稱對用戶來說很重要,因為它允許用戶在使用服務時仍維持持自我代理,以防服務變差或被另一家不優先考慮隱私的公司收購。
- 在自有基礎設施上運作,即不建立在第三方電子郵件服務提供商之上。
**最佳案例:**
@@ -328,8 +327,9 @@ Stalwart does **not** have an integrated webmail, so you will need to use it wit
- 支援外部使用者的臨時信箱。 當您想要發送加密的電子郵件時,這非常有用,而無需將實際副本發送給您的收件人。 這些電子郵件通常具有限定時效,之後會被自動刪除。 它們也不需要收件人配置任何像OpenPGP這樣的加密技術。
- 可提供 [onion 服務](https://en.wikipedia.org/wiki/.onion)的電子郵件服務供應商。
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
-- 為擁有自己網域的用戶提供通用位址或別名功能。
-- 使用標準的電子郵件存取通訊協定,例如 IMAP、SMTP 或 [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol)。 標準存取通訊協定可確保客戶在轉換其他供應商時,能輕鬆下載所有電子郵件。
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). 自定網域名稱對用戶來說很重要,因為它允許用戶在使用服務時仍維持持自我代理,以防服務變差或被另一家不優先考慮隱私的公司收購。
+- Catch-all or alias functionality for those who use their own domains.
+- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
### 隱私
diff --git a/i18n/zh-Hant/photo-management.md b/i18n/zh-Hant/photo-management.md
index 21582512..6f473e29 100644
--- a/i18n/zh-Hant/photo-management.md
+++ b/i18n/zh-Hant/photo-management.md
@@ -19,7 +19,7 @@ cover: photo-management.webp
{ align=right }
{ align=right }
-**Ente Photos**提供端對端加密照片備份服務,支援 iOS 和 Android 的自動備份。 其客戶端和伺服器端的程式碼都完全開源。 它也可 [自行託管](https://github.com/ente-io/ente/tree/main/server#self-hosting)。 The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos**提供端對端加密照片備份服務,支援 iOS 和 Android 的自動備份。 其客戶端和伺服器端的程式碼都完全開源。 它也可 [自行託管](https://github.com/ente-io/ente/tree/main/server#self-hosting)。 The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: 首頁](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="隱私權政策" }
diff --git a/i18n/zh-Hant/tools.md b/i18n/zh-Hant/tools.md
index 5909ae74..6dd64b00 100644
--- a/i18n/zh-Hant/tools.md
+++ b/i18n/zh-Hant/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)
diff --git a/i18n/zh/basics/vpn-overview.md b/i18n/zh/basics/vpn-overview.md
index 1dae47f4..d7371b0d 100644
--- a/i18n/zh/basics/vpn-overview.md
+++ b/i18n/zh/basics/vpn-overview.md
@@ -91,7 +91,9 @@ Recently, some attempts have been made by various organizations to address some
Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
-MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies.
+
+One example of a commercially available MPR is Apple's iCloud+ Private Relay, which routes your traffic through two servers:
1. Firstly, a server operated by Apple.
@@ -101,7 +103,7 @@ MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them
This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
-Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+Other MPRs run by different companies operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
### Decentralized VPNs
diff --git a/i18n/zh/desktop-browsers.md b/i18n/zh/desktop-browsers.md
index aa1a19c5..8ae5a757 100644
--- a/i18n/zh/desktop-browsers.md
+++ b/i18n/zh/desktop-browsers.md
@@ -337,14 +337,7 @@ Brave allows you to select additional content filters within the internal `brave
1. Disabling the V8 optimizer reduces your attack surface by disabling [*some*](https://grapheneos.social/@GrapheneOS/112708049232710156) parts of JavaScript Just-In-Time (JIT) compilation.
-
-
Sanitizing on close
-- [x] Select **Delete data sites have saved to your device when you close all windows** under *Sites and Shields Settings* → *Content* → *Additional content settings* → *On-device site data*.
-
-If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
-
-
+
+{ align=right }
+
+**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
+
+[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
+[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
+
+
+
+**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
+
+Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
+
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
diff --git a/i18n/zh/email.md b/i18n/zh/email.md
index 5d64919c..8f241ff0 100644
--- a/i18n/zh/email.md
+++ b/i18n/zh/email.md
@@ -317,7 +317,6 @@ We regard these features as important in order to provide a safe and optimal ser
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
@@ -328,6 +327,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
+- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
diff --git a/i18n/zh/photo-management.md b/i18n/zh/photo-management.md
index 417eb5c9..434df8dc 100644
--- a/i18n/zh/photo-management.md
+++ b/i18n/zh/photo-management.md
@@ -19,7 +19,7 @@ Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon
{ align=right }
{ align=right }
-**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 5 GB of storage as long as you use the service at least once a year.
+**Ente Photos** is an end-to-end encrypted photo backup service which supports automatic backups on iOS and Android. Their code is fully open-source, both on the client side and on the server side. It is also [self-hostable](https://github.com/ente-io/ente/tree/main/server#self-hosting). The free plan offers 10 GB of storage as long as you use the service at least once a year.
[:octicons-home-16: Homepage](https://ente.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
diff --git a/i18n/zh/tools.md b/i18n/zh/tools.md
index 65f6194c..a85d97a0 100644
--- a/i18n/zh/tools.md
+++ b/i18n/zh/tools.md
@@ -679,6 +679,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
- { .twemoji loading=lazy } [NixOS](desktop.md#nixos)
- { .twemoji loading=lazy } [Whonix (Tor)](desktop.md#whonix)
- { .twemoji loading=lazy } [Tails (Live Boot)](desktop.md#tails)
+- { .twemoji loading=lazy } [Secureblue](desktop.md#secureblue)
- { .twemoji loading=lazy } [Kicksecure](desktop.md#kicksecure)