diff --git a/i18n/ja/android/general-apps.md b/i18n/ja/android/general-apps.md index c0f53a13..bce6b57f 100644 --- a/i18n/ja/android/general-apps.md +++ b/i18n/ja/android/general-apps.md @@ -49,7 +49,7 @@ Shelter supports blocking contact search cross profiles and sharing files across
-

Warning

+

注意

When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile. diff --git a/i18n/ja/basics/hardware.md b/i18n/ja/basics/hardware.md index 4786d207..73dce539 100644 --- a/i18n/ja/basics/hardware.md +++ b/i18n/ja/basics/hardware.md @@ -53,7 +53,7 @@ Biometrics can prevent someone from watching you type in your password, so if sh Most implementations of face authentication require you to be looking at your phone and also only work from a relatively close distance, so you don't need to worry too much about someone pointing your phone at your face to unlock it without your consent. You can still disable biometrics when your phone is locked if you want. On iOS, you can hold the side button and a volume button for 3 seconds to disable Face ID on models that support it. On Android, hold the power button and press Lockdown on the menu.
-

Warning

+

注意

Some devices do not have the proper hardware for secure face authentication. There are two main types of face authentication: 2D and 3D. 3D face authentication makes use of a dot projector that lets the device create a 3D depth map of your face. Make sure that your device has this capability. @@ -82,7 +82,7 @@ Hardware keys are devices that use strong cryptography to authenticate you to a If you don't want to trust your OS's permission controls to prevent the camera from activating in the first place, you can buy camera blockers that physically prevent light from reaching the camera. You could also buy a device that doesn't have a built-in camera and use an external camera that you can unplug whenever you're done using it. Some devices come with built-in camera blockers or hardware switches that physically disconnect the camera from power.
-

Warning

+

注意

You should only buy covers that fit your laptop and won't cause damage when you close the lid. Covering the camera will interfere with automatic brightness and face authentication features. diff --git a/i18n/ja/basics/multi-factor-authentication.md b/i18n/ja/basics/multi-factor-authentication.md index 6cc1a795..ec3790e0 100644 --- a/i18n/ja/basics/multi-factor-authentication.md +++ b/i18n/ja/basics/multi-factor-authentication.md @@ -135,7 +135,7 @@ The command will prevent an adversary from bypassing MFA when the computer boots ### Linux
-

Warning

+

注意

If the hostname of your system changes (such as due to DHCP), you would be unable to login. It is vital that you set up a proper hostname for your computer before following this guide. diff --git a/i18n/ja/data-redaction.md b/i18n/ja/data-redaction.md index 2f184464..f599690a 100644 --- a/i18n/ja/data-redaction.md +++ b/i18n/ja/data-redaction.md @@ -13,7 +13,7 @@ cover: data-redaction.webp When sharing files, be sure to remove associated metadata. Image files commonly include [Exif](https://en.wikipedia.org/wiki/Exif) data. Photos sometimes even include GPS coordinates in the file metadata.
-

Warning

+

注意

You should **never** use blur to redact [text in images](https://bishopfox.com/blog/unredacter-tool-never-pixelation). If you want to redact text in an image, you should draw a box over the text. diff --git a/i18n/ja/desktop.md b/i18n/ja/desktop.md index 918324d3..5a27faf7 100644 --- a/i18n/ja/desktop.md +++ b/i18n/ja/desktop.md @@ -173,7 +173,7 @@ Whonix is best used [in conjunction with Qubes](https://whonix.org/wiki/Qubes/Wh
-

Warning

+

注意

Tails [doesn't erase](https://gitlab.tails.boum.org/tails/tails/-/issues/5356) the [video memory](https://en.wikipedia.org/wiki/Dual-ported_video_RAM) when shutting down. When you restart your computer after using Tails, it might briefly display the last screen that was displayed in Tails. If you shut down your computer instead of restarting it, the video memory will erase itself automatically after being unpowered for some time. diff --git a/i18n/ja/device-integrity.md b/i18n/ja/device-integrity.md index fe312d03..1bef5f93 100644 --- a/i18n/ja/device-integrity.md +++ b/i18n/ja/device-integrity.md @@ -87,7 +87,7 @@ These tools can trigger false-positives. If any of these tools finds indicators
-

Warning

+

注意

Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. @@ -141,7 +141,7 @@ iMazing automates and interactively guides you through the process of using [MVT These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
-

Warning

+

注意

Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. diff --git a/i18n/ja/dns.md b/i18n/ja/dns.md index e82eaaa8..85565bf1 100644 --- a/i18n/ja/dns.md +++ b/i18n/ja/dns.md @@ -191,7 +191,7 @@ While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot
-

Warning

+

注意

The anonymized DNS feature does [not](advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns) anonymize other network traffic. diff --git a/i18n/ja/email-clients.md b/i18n/ja/email-clients.md index d8378e45..6d5f7c67 100644 --- a/i18n/ja/email-clients.md +++ b/i18n/ja/email-clients.md @@ -53,7 +53,7 @@ OpenPGP also does not support [forward secrecy](https://en.wikipedia.org/wiki/Fo
-

Warning

+

注意

When replying to someone on a mailing list in Thunderbird Mobile, the "reply" option may also include the mailing list. For more information see [thunderbird/thunderbird-android #3738](https://github.com/thunderbird/thunderbird-android/issues/3738). @@ -136,7 +136,7 @@ Apple Mail has the ability to load remote content in the background or block it
-Warning +注意 Canary Mail only recently released a Windows and Android client, though we don't believe they are as stable as their iOS and Mac counterparts. diff --git a/i18n/ja/email.md b/i18n/ja/email.md index d712b43c..de90be26 100644 --- a/i18n/ja/email.md +++ b/i18n/ja/email.md @@ -34,7 +34,7 @@ global: ## OpenPGP対応サービス -These providers natively support OpenPGP encryption/decryption and the [Web Key Directory standard](basics/email-security.md#what-is-the-web-key-directory-standard), allowing for provider-agnostic E2EE emails. 例えば、Proton MailのユーザはMailbox.orgのユーザにE2EEメッセージを送れますし、OpenPGPで暗号化された通知を、それをサポートするインターネットサービスから受け取ることができます。 +OpenPGPによる暗号化・復号化や[Web Key Directory規格](basics/email-security.md#what-is-the-web-key-directory-standard)をネイティブサポートしているプロバイダーでは、プロバイダーに依存しないE2EE(エンドツーエンド暗号化)メールが利用可能です。 例えば、Proton MailのユーザはMailbox.orgのユーザにE2EEメッセージを送れますし、OpenPGPで暗号化された通知を、それをサポートするインターネットサービスから受け取ることができます。
@@ -44,11 +44,11 @@ These providers natively support OpenPGP encryption/decryption and the [Web Key
-

Warning

+

注意

-When using E2EE technology like OpenPGP your email will still have some metadata that is not encrypted in the header of the email, generally including the subject line! Read more about [email metadata](basics/email-security.md#email-metadata-overview). +OpenPGPのようなE2EE(エンドツーエンド暗号化)を利用しても、件名などを含むメールのヘッダーには暗号化されていないメタデータが残ります! 詳細は [電子メールのメタデータ](basics/email-security.md#email-metadata-overview)のページにあります。 -OpenPGP also does not support Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. [How do I protect my private keys?](basics/email-security.md#how-do-i-protect-my-private-keys) +OpenPGPは前方秘匿性に対応していないため、送信者であるあなたか受信者の秘密鍵が盗まれた場合、その秘密鍵で暗号化した過去を含めたすべてのメッセージが暗号化解除可能な状態となります。 [秘密鍵を保護するには?](basics/email-security.md#how-do-i-protect-my-private-keys)
diff --git a/i18n/ja/frontends.md b/i18n/ja/frontends.md index 12b0f99c..d091191b 100644 --- a/i18n/ja/frontends.md +++ b/i18n/ja/frontends.md @@ -100,7 +100,7 @@ There are a number of public instances, with some that offer a [Tor](tor.md) oni
-

Warning

+

注意

Invidious does not proxy video streams by default. Videos watched through Invidious will still make direct connections to Google's servers (e.g. `googlevideo.com`); however, some instances support video proxying—simply enable *Proxy videos* within the instances' settings or add `&local=true` to the URL. @@ -169,7 +169,7 @@ When using FreeTube, your subscription list and playlists are saved locally on y
-

Warning

+

注意

When using FreeTube, your IP address may still be known to YouTube, [Invidious](https://instances.invidious.io), or [SponsorBlock](https://sponsor.ajay.app) depending on your configuration. Consider using a [VPN](vpn.md) or [Tor](tor.md) if your [threat model](basics/threat-modeling.md) requires hiding your IP address. @@ -204,7 +204,7 @@ When using Yattee, your subscription list is saved locally on your device.
-

Warning

+

注意

When using Yattee, your IP address may still be known to YouTube, [Invidious](https://instances.invidious.io), [Piped](https://github.com/TeamPiped/Piped/wiki/Instances), or [SponsorBlock](https://sponsor.ajay.app) depending on your configuration. Consider using a [VPN](vpn.md) or [Tor](tor.md) if your [threat model](basics/threat-modeling.md) requires hiding your IP address. @@ -239,7 +239,7 @@ When using Yattee, your IP address may still be known to YouTube, [Invidious](ht
-

Warning

+

注意

When using LibreTube, your IP address will be visible to YouTube, [Piped](https://github.com/TeamPiped/Piped/wiki/Instances), or [SponsorBlock](https://sponsor.ajay.app) depending on your configuration. Consider using a [VPN](vpn.md) or [Tor](tor.md) if your [threat model](basics/threat-modeling.md) requires hiding your IP address. @@ -275,7 +275,7 @@ By default, LibreTube blocks all YouTube advertisements. Additionally, LibreTube 1. The default instance is [FramaTube](https://framatube.org), however more can be added via **Settings** → **Content** → **PeerTube instances**.
-

Warning

+

注意

NewPipeを使用すると、使用している動画プロバイダーにあなたのIPアドレスが表示されます。 Consider using a [VPN](vpn.md) or [Tor](tor.md) if your [threat model](basics/threat-modeling.md) requires hiding your IP address. diff --git a/i18n/ja/meta/admonitions.md b/i18n/ja/meta/admonitions.md index 591c1d24..39c87c44 100644 --- a/i18n/ja/meta/admonitions.md +++ b/i18n/ja/meta/admonitions.md @@ -104,7 +104,7 @@ Lorem ipsum dolor sit amet, consectetur adipiscing elit. #### `warning`
-

Warning

+

注意

Lorem ipsum dolor sit amet, consectetur adipiscing elit. diff --git a/i18n/ja/mobile-phones.md b/i18n/ja/mobile-phones.md index d7378877..69e83b68 100644 --- a/i18n/ja/mobile-phones.md +++ b/i18n/ja/mobile-phones.md @@ -36,7 +36,7 @@ The mobile devices listed here provide a long lifespan of guaranteed security up [Recommended Android Distributions :material-arrow-right-drop-circle:](android/distributions.md){ .md-button .md-button--primary } [Details about Android Security :material-arrow-right-drop-circle:](os/android-overview.md#security-protections){ .md-button }
-

Warning

+

注意

End-of-life devices (such as GrapheneOS's "extended support" devices) do not have full security patches (firmware updates) due to the OEM discontinuing support. These devices cannot be considered completely secure regardless of installed software. diff --git a/i18n/ja/os/android-overview.md b/i18n/ja/os/android-overview.md index e6560e1d..1ac2fb05 100644 --- a/i18n/ja/os/android-overview.md +++ b/i18n/ja/os/android-overview.md @@ -75,7 +75,7 @@ An app may request a permission for a specific feature it has. For example, any [Exodus](https://exodus-privacy.eu.org) can be useful when comparing apps that have similar purposes. If an app requires a lot of permissions and has a lot of advertising and analytics this is probably a bad sign. We recommend looking at the individual trackers and reading their descriptions rather than simply **counting the total** and assuming all items listed are equal.
-

Warning

+

注意

If an app is mostly a web-based service, the tracking may occur on the server side. [Facebook](https://reports.exodus-privacy.eu.org/en/reports/com.facebook.katana/latest) shows "no trackers" but certainly does track users' interests and behavior across the site. Apps may evade detection by not using standard code libraries produced by the advertising industry, though this is unlikely. diff --git a/i18n/ja/os/ios-overview.md b/i18n/ja/os/ios-overview.md index f53a3138..124710f2 100644 --- a/i18n/ja/os/ios-overview.md +++ b/i18n/ja/os/ios-overview.md @@ -157,7 +157,7 @@ After enabling Stolen Device Protection, [certain actions](https://support.apple iPhones are already resistant to brute-force attacks by making you wait long periods of time after multiple failed attempts; however, there have historically been exploits to get around this. To be extra safe, you can set your phone to wipe itself after 10 failed passcode attempts.
-

Warning

+

注意

With this setting enabled, someone could intentionally wipe your phone by entering the wrong password many times. Make sure you have proper backups and only enable this setting if you feel comfortable with it. diff --git a/i18n/ja/os/macos-overview.md b/i18n/ja/os/macos-overview.md index 667dc57d..0e8cfc74 100644 --- a/i18n/ja/os/macos-overview.md +++ b/i18n/ja/os/macos-overview.md @@ -151,7 +151,7 @@ macOS employs defense in depth by relying on multiple layers of software and har ### ソフトウェアのセキュリティー
-

Warning

+

注意

macOSではベータ版アップデートをインストールできます。 These are unstable and may come with extra telemetry since they're for testing purposes. Because of this, we recommend you avoid beta software in general. @@ -176,7 +176,7 @@ System Integrity Protection makes critical file locations read-only to protect a On macOS, whether an app is sandboxed is determined by the developer when they sign it. The App Sandbox protects against vulnerabilities in the apps you run by limiting what a malicious actor can access in the event that the app is exploited. The App Sandbox *alone* can't protect against [:material-package-variant-closed-remove: Supply Chain Attacks](../basics/common-threats.md#attacks-against-certain-organizations ""){.pg-viridian} by malicious developers. For that, sandboxing needs to be enforced by someone other than the developer themselves, as it is on the App Store.
-

Warning

+

注意

Software downloaded from outside the official App Store is not required to be sandboxed. If your threat model prioritizes defending against [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }, then you may want to check if the software you download outside the App Store is sandboxed, which is up to the developer to *opt in*. @@ -187,7 +187,7 @@ You can check if an app uses the App Sandbox in a few ways: You can check if apps that are already running are sandboxed using the [Activity Monitor](https://developer.apple.com/documentation/security/protecting-user-data-with-app-sandbox#Verify-that-your-app-uses-App-Sandbox).
-

Warning

+

注意

Just because one of an app's processes is sandboxed doesn't mean they all are. diff --git a/i18n/ja/real-time-communication.md b/i18n/ja/real-time-communication.md index c030f640..c4678141 100644 --- a/i18n/ja/real-time-communication.md +++ b/i18n/ja/real-time-communication.md @@ -178,7 +178,7 @@ Briar supports forward secrecy[^1] by using the Bramble [Handshake](https://code ## 追加のオプション
-

Warning

+

注意

These messengers do not have forward secrecy[^1], and while they fulfill certain needs that our previous recommendations may not, we do not recommend them for long-term or sensitive communications. Any key compromise among message recipients would affect the confidentiality of **all** past communications. diff --git a/i18n/ja/security-keys.md b/i18n/ja/security-keys.md index 887f8c71..eebdcc4d 100644 --- a/i18n/ja/security-keys.md +++ b/i18n/ja/security-keys.md @@ -41,7 +41,7 @@ This key provides only basic FIDO2 functionality, but for most people that is al If you need any of those features, you should consider their higher-end [YubiKey](#yubikey) of products instead.
-

Warning

+

注意

The firmware of Yubico's Security Keys is not updatable. If you want features in newer firmware versions, or if there is a vulnerability in the firmware version you are using, you would need to purchase a new key. @@ -74,7 +74,7 @@ YubiKeys can be programmed using the [YubiKey Manager](https://yubico.com/suppor For models which support HOTP and TOTP, there are 2 slots in the OTP interface which could be used for HOTP and 32 slots to store TOTP secrets. These secrets are stored encrypted on the key and never expose them to the devices they are plugged into. Once a seed (shared secret) is given to the Yubico Authenticator, it will only give out the six-digit codes, but never the seed. This security model helps limit what an attacker can do if they compromise one of the devices running the Yubico Authenticator and make the YubiKey resistant to a physical attacker.
-

Warning

+

注意

The firmware of YubiKey is not updatable. If you want features in newer firmware versions, or if there is a vulnerability in the firmware version you are using, you would need to purchase a new key. @@ -105,14 +105,14 @@ Nitrokey models can be configured using the [Nitrokey app](https://nitrokey.com/ For the models which support HOTP and TOTP, there are 3 slots for HOTP and 15 for TOTP. Some Nitrokeys can act as a password manager. They can store 16 different credentials and encrypt them using the same password as the OpenPGP interface.
-

Warning

+

注意

While Nitrokeys do not release the HOTP/TOTP secrets to the device they are plugged into, the HOTP and TOTP storage is **not** encrypted and is vulnerable to physical attacks. If you are looking to store HOTP or TOTP secrets, we highly recommend that you use a YubiKey instead.
-

Warning

+

注意

Resetting the OpenPGP interface on a Nitrokey will also make the password database [inaccessible](https://docs.nitrokey.com/pro/linux/factory-reset).