privacyguides/i18n
1
0
Fork 0
mirror of https://github.com/privacyguides/i18n.git synced 2025-08-27 16:39:16 +00:00
Code Activity

New Crowdin translations by GitHub Action

Browse Source
This commit is contained in:
Crowdin Bot
2024-03-30 10:31:18 +00:00
parent a39473ad5b
commit 2815fc952b
58 changed files with 4523 additions and 2069 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
i18n/id/advanced/dns-overview.md
View File

@@ -82,6 +82,24 @@ DNS terenkripsi dapat merujuk pada salah satu dari sejumlah protokol, yang palin
Native implementation of DoH showed up in iOS 14, macOS 11, Microsoft Windows, and Android 13 (however, it won't be enabled [by default](https://android-review.googlesource.com/c/platform/packages/modules/DnsResolver/+/1833144)). General Linux desktop support is waiting on the systemd [implementation](https://github.com/systemd/systemd/issues/8639) so [installing third-party software is still required](../dns.md#encrypted-dns-proxies).
### Dukungan Sistem Operasi
#### Android
Android 9 ke atas mendukung DNS melalui TLS. Pengaturan dapat ditemukan di: **Pengaturan** → **Jaringan & Internet** → **DNS Pribadi**.
#### Perangkat Apple
Versi terbaru iOS, iPadOS, tvOS, dan macOS, mendukung DoT dan DoH. Kedua protokol didukung secara default melalui [profil konfigurasi](https://support.apple.com/guide/security/configuration-profile-enforcement-secf6fb9f053/web) atau melalui [API Pengaturan DNS](https://developer.apple.com/documentation/networkextension/dns_settings).
Setelah pemasangan profil konfigurasi atau aplikasi yang menggunakan API Pengaturan DNS, konfigurasi DNS dapat dipilih. Jika VPN aktif, pengaturan DNS dalam VPN akan digunakan untuk menentukan resolusi, bukan pengaturan DNS sistem Anda secara keseluruhan.
Apple tidak menyediakan antarmuka asli untuk membuat profil DNS terenkripsi. [Pembuat profil DNS aman](https://dns.notjakob.com/tool.html) adalah alat tidak resmi untuk membuat profil DNS terenkripsi Anda sendiri, namun profil tersebut tidak akan ditandatangani. Profil yang ditandatangani lebih disukai; penandatanganan memvalidasi asal profil dan membantu memastikan integritas profil. Label "Terverifikasi" berwarna hijau diberikan pada profil konfigurasi yang telah ditandatangani. Untuk informasi lebih lanjut tentang penandatanganan kode, lihat [Tentang Penandatanganan Kode](https://developer.apple.com/library/archive/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html).
#### Linux
`systemd-resolved`, which many Linux distributions use to do their DNS lookups, doesn't yet [support DoH](https://github.com/systemd/systemd/issues/8639). If you want to use DoH, you'll need to install a proxy like [dnscrypt-proxy](https://github.com/DNSCrypt/dnscrypt-proxy) and [configure it](https://wiki.archlinux.org/title/Dnscrypt-proxy) to take all the DNS queries from your system resolver and forward them over HTTPS.
## What can an outside party see?
In this example we will record what happens when we make a DoH request:
@@ -318,4 +336,27 @@ The [EDNS Client Subnet](https://en.wikipedia.org/wiki/EDNS_Client_Subnet) is a
It's intended to "speed up" delivery of data by giving the client an answer that belongs to a server that is close to them such as a [content delivery network](https://en.wikipedia.org/wiki/Content_delivery_network), which are often used in video streaming and serving JavaScript web apps.
This feature does come at a privacy cost, as it tells the DNS server some information about the client's location.
This feature does come at a privacy cost, as it tells the DNS server some information about the client's location, generally your IP network. For example, if your IP address is `198.51.100.32` the DNS provider might share `198.51.100.0/24` with the authoritative server. Some DNS providers anonymize this data by providing another IP address which is approximately near your location.
If you have `dig` installed you can test whether your DNS provider gives EDNS information out to DNS nameservers with the following command:
```bash
dig +nocmd -t txt o-o.myaddr.l.google.com +nocomments +noall +answer +stats
```
Note that this command will contact Google for the test, and return your IP as well as EDNS client subnet information. If you want to test another DNS resolver you can specify their IP, to test `9.9.9.11` for example:
```bash
dig +nocmd @9.9.9.11 -t txt o-o.myaddr.l.google.com +nocomments +noall +answer +stats
```
If the results include a second edns0-client-subnet TXT record (like shown below), then your DNS server is passing along EDNS information. The IP or network shown after is the precise information which was shared with Google by your DNS provider.
```text
o-o.myaddr.l.google.com. 60 IN TXT "198.51.100.32"
o-o.myaddr.l.google.com. 60 IN TXT "edns0-client-subnet 198.51.100.0/24"
;; Query time: 64 msec
;; SERVER: 9.9.9.11#53(9.9.9.11)
;; WHEN: Wed Mar 13 10:23:08 CDT 2024
;; MSG SIZE rcvd: 130
```