mirror of
https://github.com/privacyguides/i18n.git
synced 2025-06-19 09:14:22 +00:00
New Crowdin translations by GitHub Action
@ -197,9 +197,9 @@ Nous [recommandons](dns.md#recommended-providers) un certain nombre de serveurs
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [Proton VPN](vpn.md#proton-vpn)
|
||||
- { .twemoji } [IVPN](vpn.md#ivpn)
|
||||
- { .twemoji } [Mullvad](vpn.md#mullvad)
|
||||
- { .twemoji } [Proton VPN](vpn.md#proton-vpn)
|
||||
- { .twemoji } [IVPN](vpn.md#ivpn)
|
||||
- { .twemoji } [Mullvad](vpn.md#mullvad)
|
||||
|
||||
</div>
|
||||
|
||||
|
@ -10,9 +10,9 @@ Si vous recherchez à protéger votre **vie privée** vis-à-vis de votre FAI, s
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [Proton VPN](#proton-vpn)
|
||||
- { .twemoji } [IVPN](#ivpn)
|
||||
- { .twemoji } [Mullvad](#mullvad)
|
||||
- { .twemoji } [Proton VPN](#proton-vpn)
|
||||
- { .twemoji } [IVPN](#ivpn)
|
||||
- { .twemoji } [Mullvad](#mullvad)
|
||||
|
||||
</div>
|
||||
|
||||
@ -147,7 +147,7 @@ IVPN [recommande](https://www.ivpn.net/wireguard/) l'utilisation de WireGuard av
|
||||
|
||||
#### :material-alert-outline:{ .pg-orange } Redirection de port
|
||||
|
||||
IVPN previously supported port forwarding, but removed the option in [June 2023](https://www.ivpn.net/blog/gradual-removal-of-port-forwarding). L'absence de cette fonctionnalité pourrait avoir un impact négatif sur certaines applications, en particulier les applications pair-à-pair telles que les clients torrent.
|
||||
IVPN prenait auparavant en charge la redirection de port, mais a supprimé cette option en [juin 2023](https://www.ivpn.net/blog/gradual-removal-of-port-forwarding). L'absence de cette fonctionnalité pourrait avoir un impact négatif sur certaines applications, en particulier les applications pair-à-pair telles que les clients torrent.
|
||||
|
||||
#### :material-check:{ .pg-green } Clients mobiles
|
||||
|
||||
|
@ -1,79 +1,79 @@
|
||||
---
|
||||
meta_title: "How to Create Internet Accounts Privately - Privacy Guides"
|
||||
title: "Account Creation"
|
||||
meta_title: "Como Criar Contas Na Internet Privadamente - Privacy Guides"
|
||||
title: "Criação de Contas"
|
||||
icon: 'material/account-plus'
|
||||
description: Creating accounts online is practically an internet necessity, take these steps to make sure you stay private.
|
||||
description: A criação de contas online é praticamente uma necessidade da Internet, siga estes passos para garantir a sua privacidade.
|
||||
---
|
||||
|
||||
Often people sign up for services without thinking. Maybe it's a streaming service so you can watch that new show everyone's talking about, or an account that gives you a discount for your favorite fast food place. Whatever the case may be, you should consider the implications for your data now and later on down the line.
|
||||
Muitas vezes, as pessoas inscrevem-se em serviços sem pensar. Talvez seja um serviço de streaming para poder ver aquela nova série de que todos falam, ou uma conta que lhe dá um desconto no seu restaurante de fast food favorito. Seja qual for o caso, deve considerar as implicações para os seus dados agora e mais tarde.
|
||||
|
||||
There are risks associated with every new service that you use. Data breaches; disclosure of customer information to third parties; rogue employees accessing data; all are possibilities that must be considered when giving your information out. You need to be confident that you can trust the service, which is why we don't recommend storing valuable data on anything but the most mature and battle-tested products. That usually means services which provide E2EE and have undergone a cryptographic audit. An audit increases assurance that the product was designed without glaring security issues caused by an inexperienced developer.
|
||||
Há riscos associados a cada novo serviço que utiliza. Violações de dados; divulgação de informações de clientes a terceiros; acesso de funcionários desonestos aos dados; todas estas são possibilidades que devem ser tidas em conta ao se divulgarem informações. É necessário ter a certeza de que pode confiar no serviço, razão pela qual não recomendamos o armazenamento de dados valiosos em nada que não seja os produtos mais maduros e testados. Isto significa, normalmente, serviços que fornecem E2EE e que foram submetidos a uma auditoria criptográfica. Uma auditoria aumenta a garantia de que o produto foi concebido sem problemas de segurança evidentes causados por um programador inexperiente.
|
||||
|
||||
It can also be difficult to delete the accounts on some services. Sometimes [overwriting data](account-deletion.md#overwriting-account-information) associated with an account can be possible, but in other cases the service will keep an entire history of changes to the account.
|
||||
Também pode ser difícil apagar as contas em alguns serviços. Por vezes, [substituir os dados](account-deletion.md#overwriting-account-information) associados a uma conta é possível, mas noutros casos o serviço manterá um histórico completo das alterações à conta.
|
||||
|
||||
## Terms of Service & Privacy Policy
|
||||
## Termos de Serviço e Política de Privacidade
|
||||
|
||||
The ToS are the rules that you agree to follow when using the service. With larger services these rules are often enforced by automated systems. Sometimes these automated systems can make mistakes. For example, you may be banned or locked out of your account on some services for using a VPN or VOIP number. Appealing such bans is often difficult, and involves an automated process too, which isn't always successful. This would be one of the reasons why we wouldn't suggest using Gmail for email as an example. Email is crucial for access to other services you might have signed up for.
|
||||
Os ToS são as regras que aceita seguir quando utiliza o serviço. Nos serviços de maior dimensão, estas regras são frequentemente aplicadas por sistemas automatizados. Por vezes, estes sistemas automatizados podem cometer erros. Por exemplo, pode ser banido ou bloqueado da sua conta em alguns serviços por utilizar uma VPN, ou VOIP. O recurso a estas proibições é muitas vezes difícil e envolve também um processo automatizado, que nem sempre é bem-sucedido. Esta é uma das razões pelas quais não sugerimos a utilização do Gmail para correio eletrónico, por exemplo. O correio eletrónico é crucial para o acesso a outros serviços em que se tenha inscrito.
|
||||
|
||||
The Privacy Policy is how the service says they will use your data and it is worth reading so that you understand how your data will be used. A company or organization might not be legally obligated to follow everything contained in the policy (it depends on the jurisdiction). We would recommend having some idea what your local laws are and what they permit a provider to collect.
|
||||
A Política de Privacidade é como o serviço diz que irá utilizar os seus dados e vale a pena lê-la para compreender como os seus dados serão utilizados. Uma empresa ou organização pode não ser legalmente obrigada a seguir tudo o que está contido na política (depende da jurisdição). Recomendamos que tenha uma ideia das leis locais e do que estas permitem que um fornecedor recolha.
|
||||
|
||||
We recommend looking for particular terms such as "data collection", "data analysis", "cookies", "ads" or "3rd-party" services. Sometimes you will be able to opt-out from data collection or from sharing your data, but it is best to choose a service that respects your privacy from the start.
|
||||
Recomendamos que procure termos específicos como "recolha de dados", "análise de dados", "cookies", "anúncios" ou serviços "de terceiros". Por vezes, pode optar por não participar na recolha de dados ou na partilha dos seus dados, mas é melhor escolher um serviço que respeite a sua privacidade desde o início.
|
||||
|
||||
Keep in mind you're also placing your trust in the company or organization and that they will comply with their own privacy policy.
|
||||
Não se esqueça de que também está a depositar a sua confiança na empresa ou organização e que esta irá cumprir a sua própria política de privacidade.
|
||||
|
||||
## Authentication methods
|
||||
## Métodos de autenticação
|
||||
|
||||
There are usually multiple ways to sign up for an account, each with their own benefits and drawbacks.
|
||||
Normalmente, existem várias formas de registar uma conta, cada uma com as suas próprias vantagens e desvantagens.
|
||||
|
||||
### Email and password
|
||||
### Correio eletrónico + palavra-passe
|
||||
|
||||
The most common way to create a new account is by an email address and password. When using this method, you should use a password manager and follow [best practices](passwords-overview.md) regarding passwords.
|
||||
A forma mais comum de criar uma nova conta é por um endereço de correio eletrónico e de uma palavra-passe. Ao utilizar este método, deve utilizar um gestor de palavras-passe e seguir as [melhores práticas](passwords-overview.md) relativamente a palavras-passe.
|
||||
|
||||
!!! aviso
|
||||
Backup `BitLocker-Recovery-Key.txt` em um dispositivo de armazenamento separado.
|
||||
Backup `BitLocker-Recovery-Key. txt` em um dispositivo de armazenamento separado
|
||||
|
||||
You can use your password manager to organize other authentication methods too! Just add the new entry and fill the appropriate fields, you can add notes for things like security questions or a backup key.
|
||||
Também pode utilizar o seu gestor de palavra-passes para organizar outros métodos de autenticação! Basta adicionar a nova entrada e preencher os campos adequados, pode adicionar notas para coisas como perguntas de segurança ou uma chave de segurança.
|
||||
|
||||
You will be responsible for managing your login credentials. For added security, you can set up [MFA](multi-factor-authentication.md) on your accounts.
|
||||
Será responsável pela gestão das suas credenciais de início de sessão. Para maior segurança, pode configurar [MFA](multi-factor-authentication.md) nas suas contas.
|
||||
|
||||
[Recommended password managers](../passwords.md ""){.md-button}
|
||||
[Gestores de palavras-passe recomendados](../passwords.md ""){.md-button}
|
||||
|
||||
#### Email aliases
|
||||
#### Aliases de correio eletrónico
|
||||
|
||||
If you don't want to give your real email address to a service, you have the option to use an alias. We described them in more detail on our email services recommendation page. Essentially, alias services allow you to generate new email addresses that forward all emails to your main address. This can help prevent tracking across services and help you manage the marketing emails that sometimes come with the sign up process. Those can be filtered automatically based on the alias they are sent to.
|
||||
Se não quiser fornecer o seu verdadeiro endereço de correio eletrónico a um serviço, tem a opção de utilizar um pseudónimo. Descrevemos los com mais pormenor na nossa página de recomendações de serviços de correio eletrónico. Essencialmente, os serviços de alias permitem-lhe gerar novos endereços de correio eletrónico que reencaminham todas as mensagens para o seu endereço principal. Isto pode ajudar a evitar o rastreio entre serviços e ajudá-lo a gerir as mensagens eletrónicas de marketing que, por vezes, acompanham o processo de registo. Estes podem ser filtrados automaticamente com base no pseudónimo para o qual são enviados.
|
||||
|
||||
Should a service get hacked, you might start receiving phishing or spam emails to the address you used to sign up. Using unique aliases for each service can assist in identifying exactly what service was hacked.
|
||||
Se um serviço for comprometido, pode começar a receber mensagens eletrónicas de phishing ou spam no endereço que utilizou para se registar. A utilização de aliases únicos para cada serviço pode ajudar a identificar exatamente qual o serviço comprometido.
|
||||
|
||||
[Recommended email aliasing services](../email.md#email-aliasing-services ""){.md-button}
|
||||
[Serviços de aliasing de correio eletrónico recomendados](../email.md#email-aliasing-services ""){.md-button}
|
||||
|
||||
### "Sign in with..." (OAuth)
|
||||
### "Iniciar a sessão com..." (OAuth)
|
||||
|
||||
OAuth is an authentication protocol that allows you to register for a service without sharing much information with the service provider, if any, by using an existing account you have with another service instead. Whenever you see something along the lines of "Sign in with *provider name*" on a registration form, it's typically using OAuth.
|
||||
A OAuth é um protocolo de autenticação que permite registar-se num serviço sem partilhar muitas informações com o fornecedor do serviço, se for caso disso, utilizando uma conta existente noutro serviço. Sempre que vir algo como "Inicie sessão com o nome do fornecedor **" num formulário de registo, normalmente utiliza o OAuth.
|
||||
|
||||
When you sign in with OAuth, it will open a login page with the provider you choose, and your existing account and new account will be connected. Your password won't be shared, but some basic information typically will (you can review it during the login request). This process is needed every time you want to log in to the same account.
|
||||
Quando iniciar sessão com o OAuth, será aberta uma página de início de sessão com o fornecedor que escolher, e a sua conta existente e a nova conta serão ligadas. A sua palavra-passe não será partilhada, mas algumas informações básicas serão normalmente partilhadas (pode revê-las durante o pedido de início de sessão). Este processo é necessário sempre que se pretende iniciar sessão na mesma conta.
|
||||
|
||||
The main advantages are:
|
||||
As principais vantagens são:
|
||||
|
||||
- **Security**: no risk of being involved in a [data breach](https://en.wikipedia.org/wiki/Data_breach) because the website does not store your credentials.
|
||||
- **Ease of use**: multiple accounts are managed by a single login.
|
||||
- **Segurança**: não há risco de estar envolvido numa violação de dados [](https://en.wikipedia.org/wiki/Data_breach) porque o sítio web não armazena as suas credenciais.
|
||||
- **Facilidade de utilização**: várias contas são geridas por um único início de sessão.
|
||||
|
||||
But there are disadvantages:
|
||||
Mas há desvantagens:
|
||||
|
||||
- **Privacy**: the OAuth provider you log in with will know the services you use.
|
||||
- **Centralization**: if the account you use for OAuth is compromised or you aren't able to login to it, all other accounts connected to it are affected.
|
||||
- **Privacidade**: o fornecedor OAuth com o qual inicia sessão conhecerá os serviços que utiliza.
|
||||
- **Centralização**: se a conta que utiliza para o OAuth for comprometida ou se não conseguir iniciar sessão nela, todas as outras contas ligadas a essa conta são afetadas.
|
||||
|
||||
OAuth authentication can be especially useful in those situations where you could benefit from deeper integration between services. Our recommendation is to limit using OAuth to only where you need it, and always protect the main account with [MFA](multi-factor-authentication.md).
|
||||
A autenticação OAuth pode ser especialmente útil nas situações em que pode beneficiar de uma integração mais profunda entre serviços. A nossa recomendação é limitar a utilização do OAuth apenas onde for necessário e proteger sempre a conta principal com [MFA](multi-factor-authentication.md).
|
||||
|
||||
All the services that use OAuth will be as secure as your underlying provider's account. For example, if you want to secure an account with a hardware key, but that service doesn't support hardware keys, you can secure the account you use with OAuth with a hardware key instead, and now you essentially have hardware MFA on all your accounts. It is worth noting though that weak authentication on your OAuth provider account means that any account tied to that login will also be weak.
|
||||
Todos os serviços que utilizam o OAuth serão tão seguros como a conta do seu fornecedor subjacente. Por exemplo, se quiser proteger uma conta com uma chave de hardware, mas esse serviço não suportar chaves de hardware, pode proteger a conta que utiliza com o OAuth com uma chave de hardware, e agora tem essencialmente MFA de hardware em todas as suas contas. No entanto, vale a pena notar que uma autenticação fraca na sua conta de fornecedor OAuth significa que qualquer conta associada a esse início de sessão também será fraca.
|
||||
|
||||
### Phone number
|
||||
### Número de telemóvel
|
||||
|
||||
We recommend avoiding services that require a phone number for sign up. A phone number can identity you across multiple services and depending on data sharing agreements this will make your usage easier to track, particularly if one of those services is breached as the phone number is often **not** encrypted.
|
||||
Recomendamos que evite serviços que exijam um número de telefone para se registar. Um número de telefone pode identificá-lo em vários serviços e, dependendo dos acordos de partilha de dados, facilitará o rastreio da sua utilização, especialmente se um desses serviços for violado, dado que o número de telefone é frequentemente **e não** encriptado.
|
||||
|
||||
You should avoid giving out your real phone number if you can. Some services will allow the use of VOIP numbers, however these often trigger fraud detection systems, causing an account to be locked down, so we don't recommend that for important accounts.
|
||||
Se possível, deve evitar dar o seu número de telefone verdadeiro. Alguns serviços permitem a utilização de números VOIP, no entanto, estes acionam frequentemente sistemas de deteção de fraudes, fazendo com que uma conta seja bloqueada, pelo que não recomendamos a sua utilização para contas importantes.
|
||||
|
||||
In many cases you will need to provide a number that you can receive SMS or calls from, particularly when shopping internationally, in case there is a problem with your order at border screening. It's common for services to use your number as a verification method; don't let yourself get locked out of an important account because you wanted to be clever and give a fake number!
|
||||
Em muitos casos, é necessário fornecer um número a partir do qual possa receber SMS ou chamadas, especialmente em compras internacionais, para o caso de haver um problema com a sua encomenda no controlo fronteiriço. É comum os serviços utilizarem o seu número como método de verificação; não se deixe bloquear numa conta importante porque quis ser esperto e dar um número falso!
|
||||
|
||||
### Username and password
|
||||
### Nome de utilizador e palavra-passe
|
||||
|
||||
Some services allow you to register without using an email address and only require you to set a username and password. These services may provide increased anonymity when combined with a VPN or Tor. Keep in mind that for these accounts there will most likely be **no way to recover your account** in the event you forget your username or password.
|
||||
Alguns serviços permitem-lhe registar-se sem utilizar um endereço de correio eletrónico e apenas lhe exigem a definição de um nome de utilizador e de uma palavra-passe. Estes serviços podem proporcionar um maior anonimato quando combinados com uma VPN ou Tor. Tenha em atenção que, para estas contas, é muito provável que não haja **forma de recuperar a sua conta** caso se esqueça do seu nome de utilizador ou palavra-passe.
|
||||
|
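Review bot: The admonition under "### Correio eletrónico + palavra-passe" carries text that has no counterpart on the English side of this hunk: it reads "!!! aviso" followed by "Backup `BitLocker-Recovery-Key. txt` em um dispositivo de armazenamento separado", while the source at this point is the password manager tip ("You can use your password manager to organize other authentication methods too!"). The new line also splits the filename inside the code span with a space. Drop the BitLocker string and let the admonition hold only the translated tip. Three smaller points in the same hunk: in the OAuth paragraph the emphasis markers are stranded after the phrase ("com o nome do fornecedor **") instead of wrapping it as in "*provider name*"; the "Segurança" bullet has an empty link label, "[](https://en.wikipedia.org/wiki/Data_breach)", so the link text "violação de dados" sits outside the link; and in the phone number paragraph "**e não** encriptado" does not say what "often **not** encrypted" says and should read "**não**".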
@ -1,45 +1,45 @@
|
||||
---
|
||||
title: "Account Deletion"
|
||||
title: "Eliminação de Contas"
|
||||
icon: 'material/account-remove'
|
||||
description: It's easy to accumulate a large number of internet accounts, here are some tips on how to prune your collection.
|
||||
description: É fácil acumular um grande número de contas na Internet. Eis algumas dicas sobre como reduzir a sua coleção.
|
||||
---
|
||||
|
||||
Over time, it can be easy to accumulate a number of online accounts, many of which you may no longer use. Deleting these unused accounts is an important step in reclaiming your privacy, as dormant accounts are vulnerable to data breaches. A data breach is when a service's security is compromised and protected information is viewed, transmitted, or stolen by unauthorized actors. Data breaches are unfortunately all [too common](https://haveibeenpwned.com/PwnedWebsites) these days, and so practicing good digital hygiene is the best way to minimize the impact they have on your life. The goal of this guide then is to help navigate you through the irksome process of account deletion, often made difficult by [deceptive design](https://www.deceptive.design/), for the betterment of your online presence.
|
||||
Com o passar do tempo, pode ser fácil acumular uma série de contas em linha, muitas das quais podem já não ser utilizadas. A eliminação destas contas não utilizadas é um passo importante para recuperar a sua privacidade, uma vez que as contas inativas são vulneráveis a violações de dados. Uma violação de dados ocorre quando a segurança de um serviço é comprometida e as informações protegidas são visualizadas, transmitidas ou roubadas por pessoas não autorizadas. Infelizmente, as violações de dados são [demasiado comuns](https://haveibeenpwned.com/PwnedWebsites) atualmente, pelo que praticar uma boa higiene digital é a melhor forma de minimizar o impacto tido na sua vida. O objetivo deste guia é ajudá-lo a navegar pelo processo incómodo de eliminação de contas, muitas vezes dificultado pelo [design enganador](https://www.deceptive.design/), para melhorar a sua presença online.
|
||||
|
||||
## Finding Old Accounts
|
||||
## Encontrar Contas Antigas
|
||||
|
||||
### Password Manager
|
||||
### Gestor de Palavras-Passe
|
||||
|
||||
If you have a password manager that you've used for your entire digital life, this part will be very easy. Oftentimes, they include built-in functionality for detecting if your credentials were exposed in a data breach—such as Bitwarden's [Data Breach Report](https://bitwarden.com/blog/have-you-been-pwned/).
|
||||
Se tiver um gestor de palavras-passe que tenha utilizado durante toda a sua vida digital, esta parte será muito fácil. Muitas vezes, incluem funcionalidades incorporadas para detetar se as suas credenciais foram expostas numa violação de dados — como o Relatório de violação de dados [da Bitwarden](https://bitwarden.com/blog/have-you-been-pwned/).
|
||||
|
||||
<figure markdown>
|
||||

|
||||

|
||||
</figure>
|
||||
|
||||
Even if you haven't explicitly used a password manager before, there's a chance you've used the one in your browser or your phone without even realizing it. For example: [Firefox Password Manager](https://support.mozilla.org/kb/password-manager-remember-delete-edit-logins), [Google Password Manager](https://passwords.google.com/intro) and [Edge Password Manager](https://support.microsoft.com/en-us/microsoft-edge/save-or-forget-passwords-in-microsoft-edge-b4beecb0-f2a8-1ca0-f26f-9ec247a3f336).
|
||||
Mesmo que nunca tenha utilizado explicitamente um gestor de palavras-passe, é provável que já o tenha feito no seu navegador ou no seu telemóvel sem se aperceber. Por exemplo: [Gestor de Palavras-Passe da Google](https://support.mozilla.org/kb/password-manager-remember-delete-edit-logins), [Gestor de Palavras-Passe da Google](https://passwords.google.com/intro) e [Gestor de Palavras-Passe da Google](https://support.microsoft.com/en-us/microsoft-edge/save-or-forget-passwords-in-microsoft-edge-b4beecb0-f2a8-1ca0-f26f-9ec247a3f336).
|
||||
|
||||
Desktop platforms also often have a password manager which may help you recover passwords you've forgotten about:
|
||||
As plataformas de ambiente de trabalho também têm frequentemente um gestor de palavras-passe que pode ajudá-lo a recuperar palavras-passe esquecidas:
|
||||
|
||||
- Windows [Credential Manager](https://support.microsoft.com/en-us/windows/accessing-credential-manager-1b5c916a-6a16-889f-8581-fc16e8165ac0)
|
||||
- macOS [Passwords](https://support.apple.com/en-us/HT211145)
|
||||
- iOS [Passwords](https://support.apple.com/en-us/HT211146)
|
||||
- [Gestor de Credenciais](https://support.microsoft.com/en-us/windows/accessing-credential-manager-1b5c916a-6a16-889f-8581-fc16e8165ac0) Windows
|
||||
- [Palavras-passe](https://support.apple.com/en-us/HT211145) macOS
|
||||
- [Palavras-passe](https://support.apple.com/en-us/HT211146) iOS
|
||||
- Linux, Gnome Keyring, que pode ser acedido através de [Seahorse](https://wiki.gnome.org/Apps/Seahorse) ou [KDE Wallet Manager](https://userbase.kde.org /KDE_Wallet_Manager)
|
||||
|
||||
### E-mail
|
||||
### Correio eletrónico
|
||||
|
||||
If you didn't use a password manager in the past or you think you have accounts that were never added to your password manager, another option is to search the email account(s) that you believe you signed up on. On your email client, search for keywords such as "verify" or "welcome." Almost every time you make an online account, the service will send a verification link or an introductory message to your email. This can be a good way to find old, forgotten accounts.
|
||||
Se não utilizou um gestor de palavras-passe no passado ou se pensa que tem contas que nunca foram adicionadas ao seu gestor de palavras-passe, outra opção é pesquisar a(s) conta(s) de correio eletrónico em que pensa ter-se registado. No seu cliente de correio eletrónico, procure palavras-chave como "verificar" ou "bem-vindo." Quase sempre que cria uma conta em linha, o serviço envia uma ligação de verificação ou uma mensagem introdutória para o seu correio eletrónico. Esta pode ser uma boa forma de encontrar contas antigas e esquecidas.
|
||||
|
||||
## Deleting Old Accounts
|
||||
## Eliminar Contas Antigas
|
||||
|
||||
### Log In
|
||||
### Iniciar Sessão
|
||||
|
||||
In order to delete your old accounts, you'll need to first make sure you can log in to them. Again, if the account was in your password manager, this step is easy. If not, you can try to guess your password. Failing that, there are typically options to regain access to your account, commonly available through a "forgot password" link on the login page. It may also be possible that accounts you've abandoned have already been deleted—sometimes services prune all old accounts.
|
||||
Para eliminar as contas antigas, tem de se certificar primeiro de que pode iniciar sessão nas mesmas. Mais uma vez, se a conta estava no seu gestor de palavras-passe, este passo é fácil. Caso contrário, pode tentar adivinhar a sua palavra-passe. Caso contrário, normalmente existem opções para recuperar o acesso à sua conta, normalmente disponíveis através de uma ligação "esqueci-me da palavra-passe" na página de início de sessão. Também pode ser possível que as contas que abandonou já tenham sido eliminadas — por vezes, os serviços eliminam todas as contas antigas.
|
||||
|
||||
When attempting to regain access, if the site returns an error message saying that email is not associated with an account, or you never receive a reset link after multiple attempts, then you do not have an account under that email address and should try a different one. If you can't figure out which email address you used, or you no longer have access to that email, you can try contacting the service's customer support. Unfortunately, there is no guarantee that you will be able to reclaim access your account.
|
||||
Ao tentar recuperar o acesso, se o sítio web devolver uma mensagem de erro a indicar que o endereço de correio eletrónico não está associado a uma conta, ou se nunca receber uma ligação de reposição após várias tentativas, então não tem uma conta com esse endereço de correio eletrónico e deve tentar um endereço diferente. Se não conseguir descobrir qual o endereço de correio eletrónico que utilizou, ou se já não tiver acesso a esse correio eletrónico, pode tentar contactar o apoio ao cliente do serviço. Infelizmente, não existe nenhuma garantia de que conseguirá recuperar o acesso à sua conta.
|
||||
|
||||
### GDPR (EEA residents only)
|
||||
### RGPD (somente residentes no EEE)
|
||||
|
||||
Residents of the EEA have additional rights regarding data erasure specified in [Article 17](https://www.gdpr.org/regulation/article-17.html) of the GDPR. If it's applicable to you, read the privacy policy for any given service to find information on how to exercise your right to erasure. Reading the privacy policy can prove important, as some services have a "Delete Account" option that only disables your account and for real deletion you have to take additional action. Sometimes actual deletion may involve filling out surveys, emailing the data protection officer of the service or even proving your residence in the EEA. If you plan to go this way, do **not** overwrite account information—your identity as an EEA resident may be required. Note that the location of the service does not matter; GDPR applies to anyone serving European users. If the service does not respect your right to erasure, you can contact your national [Data Protection Authority](https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens/redress/what-should-i-do-if-i-think-my-personal-data-protection-rights-havent-been-respected_en) and you may be entitled to monetary compensation.
|
||||
Os residentes do EEE têm direitos adicionais relativamente à eliminação de dados especificados em [Artigo 17](https://www.gdpr.org/regulation/article-17.html) do RGPD. Se for aplicável ao seu caso, leia a política de privacidade de um determinado serviço para obter informações sobre como exercer o seu direito ao apagamento. A leitura da política de privacidade pode revelar-se importante, uma vez que alguns serviços têm uma opção "Eliminar conta" que apenas desativa a sua conta e, para uma verdadeira eliminação, tem de tomar medidas adicionais. Sometimes actual deletion may involve filling out surveys, emailing the data protection officer of the service or even proving your residence in the EEA. If you plan to go this way, do **not** overwrite account information—your identity as an EEA resident may be required. Note that the location of the service does not matter; GDPR applies to anyone serving European users. If the service does not respect your right to erasure, you can contact your national [Data Protection Authority](https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens/redress/what-should-i-do-if-i-think-my-personal-data-protection-rights-havent-been-respected_en) and you may be entitled to monetary compensation.
|
||||
|
||||
### Overwriting Account information
|
||||
|
||||
|
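Review bot: In the browser password manager sentence all three link labels read "Gestor de Palavras-Passe da Google", although the URLs point to support.mozilla.org, passwords.google.com and support.microsoft.com and the source names Firefox, Google and Edge; each label should name its own product. In the Linux bullet the KDE Wallet Manager URL contains a space ("https://userbase.kde.org /KDE_Wallet_Manager"), which breaks the link. The RGPD paragraph is also only half translated: from "Sometimes actual deletion may involve filling out surveys" to the end it is still the English source text, including the "do **not** overwrite account information" instruction, so that part needs a translation before the string is approved.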
@ -52,7 +52,7 @@ schema:
|
||||
name: Bitwarden
|
||||
image: /assets/img/password-management/psono.svg
|
||||
url: https://psono.com
|
||||
applicationCategory: Password Manager
|
||||
applicationCategory: Gestor de Palavras-Passe
|
||||
operatingSystem:
|
||||
- Android
|
||||
- iOS
|
||||
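Review bot: The context lines around the changed applicationCategory value pair "name: Bitwarden" with "image: /assets/img/password-management/psono.svg" and "url: https://psono.com", so this schema entry describes two different products. The translation change itself does not touch those keys, but the entry should be checked against the source file and the name or the image and url corrected so that the structured data refers to a single application.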
@ -67,7 +67,7 @@ schema:
|
||||
image: /assets/img/password-management/keepassxc.svg
|
||||
url: https://keepassxc.org/
|
||||
sameAs: https://en.wikipedia.org/wiki/KeePassXC
|
||||
applicationCategory: Password Manager
|
||||
applicationCategory: Gestor de Palavras-Passe
|
||||
operatingSystem:
|
||||
- Windows
|
||||
- macOS
|
||||
@ -82,7 +82,7 @@ schema:
|
||||
name: KeePassDX
|
||||
image: /assets/img/password-management/keepassdx.svg
|
||||
url: https://www.keepassdx.com/
|
||||
applicationCategory: Password Manager
|
||||
applicationCategory: Gestor de Palavras-Passe
|
||||
operatingSystem: Android
|
||||
subjectOf:
|
||||
"@context": http://schema.org
|
||||
@ -94,7 +94,7 @@ schema:
|
||||
name: Strongbox
|
||||
image: /assets/img/password-management/strongbox.svg
|
||||
url: https://strongboxsafe.com/
|
||||
applicationCategory: Password Manager
|
||||
applicationCategory: Gestor de Palavras-Passe
|
||||
operatingSystem: iOS
|
||||
subjectOf:
|
||||
"@context": http://schema.org
|
||||
@ -106,7 +106,7 @@ schema:
|
||||
name: gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://www.gopass.pw/
|
||||
applicationCategory: Password Manager
|
||||
applicationCategory: Gestor de Palavras-Passe
|
||||
operatingSystem:
|
||||
- Windows
|
||||
- macOS
|
||||
|
@ -95,13 +95,13 @@ Silverblue (и Kinoite) отличаются от Fedora Workstation тем, ч
|
||||
|
||||
Менеджер пакетов NixOS хранит каждую версию каждого пакета в отдельной папке в **хранилище Nix**. Из-за этого в вашей системе могут быть установлены разные версии одного и того же пакета. После записи содержимого пакета в папку, папка становится доступной только для чтения.
|
||||
|
||||
NixOS also provides atomic updates; first it downloads (or builds) the packages and files for the new system generation and then switches to it. There are different ways to switch to a new generation; you can tell NixOS to activate it after reboot or you can switch to it at runtime. You can also *test* the new generation by switching to it at runtime, but not setting it as the current system generation. If something in the update process breaks, you can just reboot and automatically and return to a working version of your system.
|
||||
NixOS также предоставляет атомные обновления; сначала она загружает (или собирает) пакеты и файлы для нового поколения системы, а затем переходит на него. Есть разные способы переключения на новое поколение; вы можете указать NixOS активировать его после перезагрузки или переключиться на него во время выполнения. Вы также можете *протестировать* новое поколение, переключившись на него во время выполнения, но не устанавливая его в качестве текущего поколения системы. Если что-то в процессе обновления сломается, вы можете просто перезагрузиться и автоматически вернуться к рабочей версии системы.
|
||||
|
||||
Nix the package manager uses a purely functional language - which is also called Nix - to define packages.
|
||||
Менеджер пакетов Nix использует чистый функциональный язык - который также называется Nix - для определения пакетов.
|
||||
|
||||
[Nixpkgs](https://github.com/nixos/nixpkgs) (the main source of packages) are contained in a single GitHub repository. You can also define your own packages in the same language and then easily include them in your config.
|
||||
[Nixpkgs](https://github.com/nixos/nixpkgs) (основной источник пакетов) содержится в едином репозитории GitHub. Вы также можете определить свои собственные пакеты на том же языке и затем легко включить их в свою конфигурацию.
|
||||
|
||||
Nix is a source-based package manager; if there’s no pre-built available in the binary cache, Nix will just build the package from source using its definition. It builds each package in a sandboxed *pure* environment, which is as independent of the host system as possible, thus making binaries reproducible.
|
||||
Nix - это менеджер пакетов на основе исходных файлов; если в кэше бинарных файлов нет готовой сборки, Nix просто соберет пакет из исходных файлов, используя его определение. Он собирает каждый пакет в изолированной *чистой* среде, которая максимально независима от хост-системы, что делает двоичные файлы воспроизводимыми.
|
||||
|
||||
## Дистрибутивы для анонимности
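Review bot: "атомные обновления" in the NixOS paragraph mistranslates "atomic updates". "Атомный" is atomic in the physical sense, while the all-or-nothing behaviour described here (build the new generation, switch to it, reboot to fall back) is "атомарные обновления". Suggest "NixOS также предоставляет атомарные обновления". The rest of the paragraph, including the rollback sentence, matches the English line it replaces.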
|
||||
|
||||
@ -120,9 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
|
||||
|
||||
Whonix предназначен для запуска в виде двух виртуальных машин: "Рабочая" и "Шлюз Tor." Все соединения рабочей станции должны проходить через шлюз Tor. Это означает, даже если рабочая станция будет скомпрометирована каким-либо вредоносным ПО, настоящий IP-адрес останется скрытым.
|
||||
|
||||
Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
|
||||
Некоторые из его возможностей включают изоляцию потока Tor, [анонимизацию нажатия клавиш](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [зашифрованный swap](https://github.com/Whonix/swap-file-creator), а также усиленный распределитель памяти.
|
||||
|
||||
Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
|
||||
Будущие версии Whonix, вероятно, будут включать [полные системные политики AppArmor](https://github.com/Whonix/apparmor-profile-everything) и [программу запуска приложений в песочнице](https://www.whonix.org/wiki/Sandbox-app-launcher) для полного ограничения всех процессов в системе.
|
||||
|
||||
Whonix лучше всего использовать [в сочетании с Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix имеет различные [недостатки](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) по сравнению с другими гипервизорами.
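Review bot: "изоляцию потока Tor" renders Tor Stream Isolation in the singular, which reads as isolating a single stream. The feature keeps streams separate from one another, so "изоляцию потоков Tor" is closer, and "анонимизацию нажатия клавиш" would likewise read better as "анонимизацию нажатий клавиш". The link targets are carried over unchanged from the English lines.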
|
||||
|
||||
@ -138,11 +138,11 @@ Whonix лучше всего использовать [в сочетании с
|
||||
[:octicons-info-16:](https://tails.boum.org/doc/index.en.html){ .card-link title=Документация}
|
||||
[:octicons-heart-16:](https://tails.boum.org/donate/){ .card-link title=Поддержать }
|
||||
|
||||
Tails отлично подходит для криминалистической экспертизы благодаря амнезии (то есть ничего не записывается на диск); однако это не такой защищенный дистрибутив, как Whonix. В нем нет многих функций анонимности и безопасности, которые есть в Whonix, и он обновляется гораздо реже (только раз в шесть недель). A Tails system that is compromised by malware may potentially bypass the transparent proxy allowing for the user to be deanonymized.
|
||||
Tails отлично подходит для криминалистической экспертизы благодаря амнезии (то есть ничего не записывается на диск); однако это не такой защищенный дистрибутив, как Whonix. В нем нет многих функций анонимности и безопасности, которые есть в Whonix, и он обновляется гораздо реже (только раз в шесть недель). Система Tails, взломанная вредоносным ПО, может потенциально обойти прозрачный прокси-сервер, что позволит деанонимизировать пользователя.
|
||||
|
||||
Tails includes [uBlock Origin](desktop-browsers.md#ublock-origin) in Tor Browser by default, which may potentially make it easier for adversaries to fingerprint Tails users. [Whonix](desktop.md#whonix) virtual machines may be more leak-proof, however they are not amnesic, meaning data may be recovered from your storage device.
|
||||
Tails содержит [uBlock Origin](desktop-browsers.md#ublock-origin) в Tor Browser по умолчанию, что потенциально может облегчить злоумышленникам составить цифровые отпечатки пользователей Tails. [Виртуальные машины Whonix](desktop.md#whonix) могут быть более защищены от утечек, однако они не поддерживают амнезию, то есть данные могут быть восстановлены с вашего устройства хранения.
|
||||
|
||||
By design, Tails is meant to completely reset itself after each reboot. Зашифрованное [постоянное хранилище](https://tails.boum.org/doc/persistent_storage/index.en.html) может быть настроено для хранения некоторых данных между перезагрузками.
|
||||
По замыслу разработчиков, Tails должна сама полностью сбрасываться после каждой перезагрузки. Зашифрованное [постоянное хранилище](https://tails.boum.org/doc/persistent_storage/index.en.html) может быть настроено для хранения некоторых данных между перезагрузками.
|
||||
|
||||
## Дистрибутивы для безопасности
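Review bot: the Tails paragraph still opens with "Tails отлично подходит для криминалистической экспертизы", which says Tails is well suited to forensic examination, yet the reason given in the same sentence is amnesia, "то есть ничего не записывается на диск", a property that works against forensics. Since this line is being rewritten anyway, reword it along the lines of "отлично подходит для противодействия криминалистической экспертизе". The newly translated sentence about malware bypassing the transparent proxy reads correctly.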
|
||||
|
||||
@ -164,7 +164,7 @@ By design, Tails is meant to completely reset itself after each reboot. Заши
|
||||
|
||||
Qubes OS - это операционная система на базе Xen, предназначенная для обеспечения надежной защиты настольных компьютеров с помощью защищенных виртуальных машин (ВМ), также известных как *Qubes*.
|
||||
|
||||
Операционная система Qubes OS обеспечивает безопасность компьютера путем изоляции подсистем (например, сетевых, USB и т.д.) и приложений в отдельных виртуальных машинах. Should one part of the system be compromised, the extra isolation is likely to protect the rest of the system. For further details see the Qubes [FAQ](https://www.qubes-os.org/faq/).
|
||||
Операционная система Qubes OS обеспечивает безопасность компьютера путем изоляции подсистем (например, сетевых, USB и т.д.) и приложений в отдельных виртуальных машинах. Если одна часть системы будет скомпрометирована, дополнительная изоляция, скорее всего, защитит остальную часть системы. Более подробную информацию можно найти на сайте [Qubes](https://www.qubes-os.org/faq/).
|
||||
|
||||
## Критерии
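Review bot: the last sentence of the Qubes paragraph moves the link text from "FAQ" to "Qubes" ("можно найти на сайте [Qubes](https://www.qubes-os.org/faq/)"), so the reader is no longer told that the link leads to the FAQ. Keep the link text on the word that names the target, for example "см. [FAQ](https://www.qubes-os.org/faq/) Qubes".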
|
||||
|
||||
|
@ -181,16 +181,16 @@ Canary Mail имеет закрытый исходный код. Мы реком
|
||||
|
||||
!!! recommendation
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**Mailvelope** is a browser extension that enables the exchange of encrypted emails following the OpenPGP encryption standard.
|
||||
**Mailvelope** - это расширение для браузера, позволяющее обмениваться зашифрованными электронными письмами в соответствии со стандартом шифрования OpenPGP.
|
||||
|
||||
[:octicons-home-16: Homepage](https://www.mailvelope.com){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://www.mailvelope.com/en/privacy-policy){ .card-link title="Privacy Policy" }
|
||||
[:octicons-info-16:](https://mailvelope.com/faq){ .card-link title=Documentation}
|
||||
[:octicons-code-16:](https://github.com/mailvelope/mailvelope){ .card-link title="Source Code" }
|
||||
[:octicons-home-16: Домашняя страница](https://www.mailvelope.com){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://www.mailvelope.com/en/privacy-policy){ .card-link title="Политика конфиденциальности" }
|
||||
[:octicons-info-16:](https://mailvelope.com/faq){ .card-link title=Документация}
|
||||
[:octicons-code-16:](https://github.com/mailvelope/mailvelope){ .card-link title="Исходный код" }
|
||||
|
||||
??? downloads
|
||||
??? downloads "Скачать"
|
||||
|
||||
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/mailvelope)
|
||||
- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/mailvelope/kajibbejlbohfaggdiogboambcijhkke)
|
||||
@ -200,18 +200,18 @@ Canary Mail имеет закрытый исходный код. Мы реком
|
||||
|
||||
!!! recommendation
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**NeoMutt** is an open-source command line mail reader (or MUA) for Linux and BSD. It's a fork of [Mutt](https://en.wikipedia.org/wiki/Mutt_(email_client)) with added features.
|
||||
**NeoMutt** - это читалка почты (или MUA) для командной строки с открытым исходным кодом для Linux и BSD. Это форк [Mutt](https://en.wikipedia.org/wiki/Mutt_(email_client)) с добавленными возможностями.
|
||||
|
||||
NeoMutt is a text-based client that has a steep learning curve. It is however, very customizable.
|
||||
Neomut - это текстовый клиент, которым сложно научиться пользоваться. Тем не менее он очень кастомизируемый.
|
||||
|
||||
[:octicons-home-16: Homepage](https://neomutt.org){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://neomutt.org/guide/){ .card-link title=Documentation}
|
||||
[:octicons-code-16:](https://github.com/neomutt/neomutt){ .card-link title="Source Code" }
|
||||
[:octicons-heart-16:](https://www.paypal.com/paypalme/russon/){ .card-link title=Contribute }
|
||||
[:octicons-home-16: Домашняя страница](https://neomutt.org){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://neomutt.org/guide/){ .card-link title=Документация}
|
||||
[:octicons-code-16:](https://github.com/neomutt/neomutt){ .card-link title="Исходный код" }
|
||||
[:octicons-heart-16:](https://www.paypal.com/paypalme/russon/){ .card-link title=Поддержать }
|
||||
|
||||
??? downloads
|
||||
??? downloads "Скачать"
|
||||
|
||||
- [:simple-apple: macOS](https://neomutt.org/distro)
|
||||
- [:simple-linux: Linux](https://neomutt.org/distro)
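Review bot: the product name is misspelled in the second paragraph of the card. "Neomut - это текстовый клиент" should be "NeoMutt", matching "**NeoMutt**" two lines above and the project URLs. Minor: `title=Документация}` is left unquoted while the neighbouring `title="Исходный код"` is quoted; quoting it keeps the attribute lists consistent.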
|
||||
@ -227,15 +227,15 @@ Canary Mail имеет закрытый исходный код. Мы реком
|
||||
### Минимальные требования
|
||||
|
||||
- Приложения, разработанные для операционных систем с открытым исходным кодом, должны быть с открытым исходным кодом.
|
||||
- Must not collect telemetry, or have an easy way to disable all telemetry.
|
||||
- Must support OpenPGP message encryption.
|
||||
- Не должны собирать телеметрию или должен быть простой способ её отключить.
|
||||
- Должны поддерживать шифрование сообщений OpenPGP.
|
||||
|
||||
### В лучшем случае
|
||||
|
||||
Эти критерии представляют собой то, что мы хотели бы видеть от идеального проекта в этой категории. Наши рекомендации могут не соответствовать всем или нескольким из этих критериев, но проекты, которые им соответствуют, расположены выше остальных.
|
||||
|
||||
- Should be open-source.
|
||||
- Should be cross-platform.
|
||||
- Should not collect any telemetry by default.
|
||||
- Should support OpenPGP natively, i.e. without extensions.
|
||||
- Should support storing OpenPGP encrypted emails locally.
|
||||
- Должны иметь открытый исходный код.
|
||||
- Должны быть кроссплатформенными.
|
||||
- По умолчанию не должны собирать телеметрию.
|
||||
- Должны нативно поддерживать OpenPGP, т.е. без расширений.
|
||||
- Должны поддерживать локальное хранение писем, зашифрованных OpenPGP.
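Review bot: the minimum-requirements bullet "Не должны собирать телеметрию или должен быть простой способ её отключить" drops "all" from "an easy way to disable all telemetry". The criterion is that every telemetry channel can be switched off, not just some of it, so make it "или должен быть простой способ отключить всю телеметрию".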
|
||||
|
@ -40,17 +40,17 @@ Android 10 и выше перешел от шифрования всего ди
|
||||
|
||||
## Обновления прошивки
|
||||
|
||||
Firmware updates are critical for maintaining security and without them your device cannot be secure. OEMs have support agreements with their partners to provide the closed-source components for a limited support period. These are detailed in the monthly [Android Security Bulletins](https://source.android.com/security/bulletin).
|
||||
Обновления прошивки имеют критическое значение для поддержания безопасности. Без них ваше устройство не может быть безопасным. OEM-производители имеют соглашения о поддержке со своими партнерами для предоставления компонентов с закрытым исходным кодом на ограниченный период поддержки. Они подробно описаны в ежемесячных [бюллетенях по безопасности Android](https://source.android.com/docs/security/bulletin?hl=ru).
|
||||
|
||||
As the components of the phone, such as the processor and radio technologies rely on closed-source components, the updates must be provided by the respective manufacturers. Therefore, it is important that you purchase a device within an active support cycle. [Qualcomm](https://www.qualcomm.com/news/releases/2020/12/16/qualcomm-and-google-announce-collaboration-extend-android-os-support-and) and [Samsung](https://news.samsung.com/us/samsung-galaxy-security-extending-updates-knox/) support their devices for 4 years, while cheaper products often have shorter support cycles. With the introduction of the [Pixel 6](https://support.google.com/pixelphone/answer/4457705), Google now makes their own SoC and they will provide a minimum of 5 years of support.
|
||||
Поскольку компоненты телефона, такие как процессор и радиотехнологии, полагаются на компоненты с закрытым исходным кодом, обновления должны предоставляться соответствующими производителями. Поэтому важно, чтобы вы приобрели устройство в рамках активного цикла поддержки. [Qualcomm](https://www.qualcomm.com/news/releases/2020/12/16/qualcomm-and-google-announce-collaboration-extend-android-os-support-and) и [Samsung](https://news.samsung.com/us/samsung-galaxy-security-extending-updates-knox/) поддерживают свои устройства в течение 4 лет, в то время как более дешевые продукты часто имеют более короткие циклы поддержки. С релизом [Pixel 6](https://support.google.com/pixelphone/answer/4457705), Google теперь производит свои собственные SoC, и они обеспечат минимум 5 лет поддержки.
|
||||
|
||||
EOL devices which are no longer supported by the SoC manufacturer cannot receive firmware updates from OEM vendors or after market Android distributors. This means that security issues with those devices will remain unfixed.
|
||||
Устройства EOL, которые больше не поддерживаются производителем SoC, не могут получать обновления прошивки от OEM-производителей или дистрибьюторов Android. Это означает, что проблемы безопасности этих устройств останутся неисправленными.
|
||||
|
||||
Fairphone, for example, markets their devices as receiving 6 years of support. However, the SoC (Qualcomm Snapdragon 750G on the Fairphone 4) has a considerably shorter EOL date. This means that firmware security updates from Qualcomm for the Fairphone 4 will end in September 2023, regardless of whether Fairphone continues to release software security updates.
|
||||
Fairphone, например, рекламирует свои устройства как имеющие 6 лет поддержки. Однако SoC (Qualcomm Snapdragon 750G в Fairphone 4) имеет значительно более короткую дату выхода из эксплуатации. Это означает, что обновления безопасности прошивки от Qualcomm для Fairphone 4 закончатся в сентябре 2023 года, независимо от того, будет ли Fairphone продолжать выпускать обновления безопасности программного обеспечения.
|
||||
|
||||
## Версии Android
|
||||
|
||||
It's important to not use an [end-of-life](https://endoflife.date/android) version of Android. Newer versions of Android not only receive security updates for the operating system but also important privacy enhancing updates too. For example, [prior to Android 10](https://developer.android.com/about/versions/10/privacy/changes), any apps with the [`READ_PHONE_STATE`](https://developer.android.com/reference/android/Manifest.permission#READ_PHONE_STATE) permission could access sensitive and unique serial numbers of your phone such as [IMEI](https://en.wikipedia.org/wiki/International_Mobile_Equipment_Identity), [MEID](https://en.wikipedia.org/wiki/Mobile_equipment_identifier), your SIM card's [IMSI](https://en.wikipedia.org/wiki/International_mobile_subscriber_identity), whereas now they must be system apps to do so. System apps are only provided by the OEM or Android distribution.
|
||||
Важно не использовать [устаревшую](https://endoflife.date/android) версию Android. Новые версии Android получают не только обновления безопасности операционной системы, но и важные обновления, улучшающие конфиденциальность. Например, [до Android 10](https://developer.android.com/about/versions/10/privacy/changes)любые приложения с разрешением [`READ_PHONE_STATE`](https://developer.android.com/reference/android/Manifest.permission#READ_PHONE_STATE) могли получить доступ к конфиденциальным и уникальным серийным номерам вашего телефона, таким как [IMEI](https://en.wikipedia.org/wiki/International_Mobile_Equipment_Identity), [MEID](https://en.wikipedia.org/wiki/Mobile_equipment_identifier), SIM-карта [IMSI](https://en.wikipedia.org/wiki/International_mobile_subscriber_identity), тогда как теперь для этого они должны быть системными приложениями. Системные приложения предоставляются только OEM-производителем или дистрибутивом Android.
|
||||
|
||||
## Разрешения в Android
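Review bot: in the Android versions paragraph there is no space between the link and the next word at "privacy/changes)любые приложения", and "SIM-карта [IMSI]" leaves "SIM-карта" in the nominative, so it reads as a fourth item in the list instead of "your SIM card's IMSI"; "[IMSI] вашей SIM-карты" fixes that. In the firmware paragraph the bulletin link also changes from `https://source.android.com/security/bulletin` to `https://source.android.com/docs/security/bulletin?hl=ru`. Confirm the new path resolves, since a translation pass should not normally alter link targets. The EOL sentence loses "after market" from "after market Android distributors".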
|
||||
|
||||
@ -145,25 +145,25 @@ Android 7 и выше поддерживает VPN killswitch, и он дост
|
||||
|
||||
### Обновление Google Play
|
||||
|
||||
In the past, Android security updates had to be shipped by the operating system vendor. Android has become more modular beginning with Android 10, and Google can push security updates for **some** system components via the privileged Play Services.
|
||||
В прошлом обновления безопасности для Android должны были поставляться производителем операционной системы. Android стал более модульным, начиная с Android 10, и Google может распространять обновления безопасности для **некоторых** системных компонентов через привилегированные службы Play Services.
|
||||
|
||||
If you have an EOL device shipped with Android 10 or above and are unable to run any of our recommended operating systems on your device, you are likely going to be better off sticking with your OEM Android installation (as opposed to an operating system not listed here such as LineageOS or /e/ OS). This will allow you to receive **some** security fixes from Google, while not violating the Android security model by using an insecure Android derivative and increasing your attack surface. We would still recommend upgrading to a supported device as soon as possible.
|
||||
Если у вас есть устройство EOL, поставляемое с Android 10 или выше, и вы не можете запустить ни одну из рекомендованных нами операционных систем на своем устройстве, вам, скорее всего, лучше придерживаться OEM-установки Android (в отличие от операционной системы, не указанной здесь, например, LineageOS или /e/ OS). Это позволит вам получать **некоторые** исправления безопасности от Google, но при этом не нарушать модель безопасности Android, используя небезопасный вариант Android и увеличивая поверхность атаки. Мы по-прежнему рекомендуем как можно скорее перейти на поддерживаемое устройство.
|
||||
|
||||
### Рекламный идентификатор
|
||||
|
||||
All devices with Google Play Services installed automatically generate an [advertising ID](https://support.google.com/googleplay/android-developer/answer/6048248?hl=en) used for targeted advertising. Disable this feature to limit the data collected about you.
|
||||
Все устройства с установленными Службами Google Play автоматически генерируют [рекламный идентификатор](https://support.google.com/googleplay/android-developer/answer/6048248?hl=en), используемый для таргетированной рекламы. Отключите эту функцию, чтобы ограничить объем собираемых о вас данных.
|
||||
|
||||
В дистрибутивах андроид с [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), откройте :gear: **Настройки** → **Приложения** → **Sandboxed Google Play** → **Google Settings** → **Реклама**, и выберите *Удалить рекламный идентификатор*.
|
||||
|
||||
On Android distributions with privileged Google Play Services (such as stock OSes), the setting may be in one of several locations. Check
|
||||
В дистрибутивах Android с привилегированными службами Google Play (например, в стоковых ОС) эта настройка может находиться в одном из нескольких мест. Проверьте
|
||||
|
||||
- :gear: **Настройки** → **Google** → **Реклама**
|
||||
- :gear: **Настройки** → **Конфиденциальность** → **Реклама**
|
||||
|
||||
У вас либо будет опция удаления рекламного идентификатора либо опция *отключения рекламы, основанной на интересах*, это варьируется в зависимости от производителя. If presented with the option to delete the advertising ID that is preferred. If not, then make sure to opt out and reset your advertising ID.
|
||||
У вас либо будет опция удаления рекламного идентификатора либо опция *отключения рекламы, основанной на интересах*, это варьируется в зависимости от производителя. Если предоставляется возможность удалить рекламный идентификатор, то она предпочтительнее. Если нет, то обязательно откажитесь и сбросьте свой рекламный ID.
|
||||
|
||||
### SafetyNet и Play Integrity API
|
||||
|
||||
[SafetyNet](https://developer.android.com/training/safetynet/attestation) and the [Play Integrity APIs](https://developer.android.com/google/play/integrity) are generally used for [banking apps](https://grapheneos.org/usage#banking-apps). Many banking apps will work fine in GrapheneOS with sandboxed Play services, however some non-financial apps have their own crude anti-tampering mechanisms which might fail. GrapheneOS passes the `basicIntegrity` check, but not the certification check `ctsProfileMatch`. Devices with Android 8 or later have hardware attestation support which cannot be bypassed without leaked keys or serious vulnerabilities.
|
||||
[SafetyNet](https://developer.android.com/training/safetynet/attestation) и [Play Integrity APIs](https://developer.android.com/google/play/integrity) обычно используются для [банковских приложений](https://grapheneos.org/usage#banking-apps). Многие банковские приложения будут отлично работать в GrapheneOS с "изолированными" Play services, однако некоторые нефинансовые приложения имеют свои собственные слабые механизмы защиты от взлома, которые могут дать сбой. GrapheneOS проходит проверку `basicIntegrity`, но не проверку сертификации `ctsProfileMatch`. Устройства с Android 8 или более поздней версией имеют поддержку аппаратной аттестации, которую невозможно обойти без утечки ключей или серьезных уязвимостей.
|
||||
|
||||
As for Google Wallet, we don't recommend this due to their [privacy policy](https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=en), which states you must opt-out if you don't want your credit rating and personal information shared with affiliate marketing services.
|
||||
Что касается Google Wallet, мы не рекомендуем его использовать из-за их [политики конфиденциальности](https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=en), которая гласит, что вы должны отказаться от перредачи вашего кредитного рейтига и личной информации партнерским маркетинговым служюам, если не хотите этого.
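Review bot: the Google Wallet sentence added at the end of this hunk has three typos: "перредачи" (передачи), "рейтига" (рейтинга) and "служюам" (службам). The advertising ID paragraph also ends with "рекламный ID" while the rest of the section uses "рекламный идентификатор"; pick one term and use it throughout.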
|
||||
|
@ -1,32 +1,32 @@
|
||||
---
|
||||
title: Linux Overview
|
||||
title: Обзор Linux
|
||||
icon: fontawesome/brands/linux
|
||||
description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal.
|
||||
description: Linux - это альтернативная настольная операционная система с открытым исходным кодом, ориентированная на конфиденциальность, но не все дистрибутивы созданы одинаково.
|
||||
---
|
||||
|
||||
It is often believed that [open-source](https://en.wikipedia.org/wiki/Open-source_software) software is inherently secure because the source code is available. There is an expectation that community verification occurs regularly; however, this isn’t always [the case](https://seirdy.one/posts/2022/02/02/floss-security/). It does depend on a number of factors, such as project activity, developer experience, level of rigor applied to [code reviews](https://en.wikipedia.org/wiki/Code_review), and how often attention is given to specific parts of the [codebase](https://en.wikipedia.org/wiki/Codebase) that may go untouched for years.
|
||||
Часто считается, что программное обеспечение с [открытым исходным кодом](https://en.wikipedia.org/wiki/Open-source_software) по своей сути безопасно, поскольку исходный код доступен. Существует ожидание, что проверка сообщества происходит регулярно; однако это [не всегда так](https://seirdy.one/posts/2022/02/02/floss-security/). Это зависит от ряда факторов, таких как активность проекта, опыт разработчиков, уровень строгости, применяемый в [обзорах кода](https://en.wikipedia.org/wiki/Code_review), и как часто уделяется внимание определенным частям [кодовой базы](https://en.wikipedia.org/wiki/Codebase), которые могут оставаться нетронутыми годами.
|
||||
|
||||
At the moment, desktop Linux does have some areas that could be better improved when compared to their proprietary counterparts, e.g.:
|
||||
На данный момент в настольном Linux есть некоторые области, которые можно улучшить при сравнении с проприетарными аналогами, например:
|
||||
|
||||
- A verified boot chain, like Apple’s [Secure Boot](https://support.apple.com/guide/security/startup-security-utility-secc7b34e5b5/web) (with [Secure Enclave](https://support.apple.com/guide/security/secure-enclave-sec59b0b31ff/1/web/1)), Android’s [Verified Boot](https://source.android.com/security/verifiedboot), ChromeOS' [Verified boot](https://www.chromium.org/chromium-os/chromiumos-design-docs/security-overview/#verified-boot), or Microsoft Windows’s [boot process](https://docs.microsoft.com/en-us/windows/security/information-protection/secure-the-windows-10-boot-process) with [TPM](https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/how-windows-uses-the-tpm). These features and hardware technologies can all help prevent persistent tampering by malware or [evil maid attacks](https://en.wikipedia.org/wiki/Evil_Maid_attack)
|
||||
- A strong sandboxing solution such as that found in [macOS](https://developer.apple.com/library/archive/documentation/Security/Conceptual/AppSandboxDesignGuide/AboutAppSandbox/AboutAppSandbox.html), [ChromeOS](https://chromium.googlesource.com/chromiumos/docs/+/HEAD/sandboxing.md), and [Android](https://source.android.com/security/app-sandbox). Commonly used Linux sandboxing solutions such as [Flatpak](https://docs.flatpak.org/en/latest/sandbox-permissions.html) and [Firejail](https://firejail.wordpress.com/) still have a long way to go
|
||||
- Strong [exploit mitigations](https://madaidans-insecurities.github.io/linux.html#exploit-mitigations)
|
||||
- Проверенная загрузка, например, [безопасная загрузка](https://support.apple.com/ru-ru/guide/security/secc7b34e5b5/web) от Apple (с [Secure Enclave](https://support.apple.com/ru-ru/guide/security/sec59b0b31ff/1/web/1)), [проверенная загрузка](https://source.android.com/security/verifiedboot) в Android, [Verified boot](https://www.chromium.org/chromium-os/chromiumos-design-docs/security-overview/#verified-boot) в ChromeOS или [защита процесса загрузки](https://learn.microsoft.com/ru-ru/windows/security/operating-system-security/system-security/secure-the-windows-10-boot-process) с [TPM](https://learn.microsoft.com/ru-ru/windows/security/information-protection/tpm/how-windows-uses-the-tpm) в Microsoft Windows. Все эти функции и аппаратные технологии могут помочь предотвратить постоянное вмешательство вредоносных программ или предотвратить [атаки злой горничной](https://encyclopedia.kaspersky.ru/glossary/evil-maid/)
|
||||
- Сильная "песочница", такая как в [macOS](https://developer.apple.com/library/archive/documentation/Security/Conceptual/AppSandboxDesignGuide/AboutAppSandbox/AboutAppSandbox.html), [ChromeOS](https://chromium.googlesource.com/chromiumos/docs/+/HEAD/sandboxing.md), и [Android](https://source.android.com/security/app-sandbox). Широко используемые решения для создания песочниц в Linux, например [Flatpak](https://docs.flatpak.org/en/latest/sandbox-permissions.html) и [Firejail](https://firejail.wordpress.com/), все еще требуют много улучшений
|
||||
- Сильные [средства защиты от эксплойтов](https://madaidans-insecurities.github.io/linux.html#exploit-mitigations)
|
||||
|
||||
Despite these drawbacks, desktop Linux distributions are great if you want to:
|
||||
Несмотря на эти недостатки, настольные дистрибутивы Linux отлично вам подойдут, если вы хотите:
|
||||
|
||||
- Avoid telemetry that often comes with proprietary operating systems
|
||||
- Maintain [software freedom](https://www.gnu.org/philosophy/free-sw.en.html#four-freedoms)
|
||||
- Have privacy focused systems such as [Whonix](https://www.whonix.org) or [Tails](https://tails.boum.org/)
|
||||
- Избежать телеметрии, которая часто поставляется с проприетарными операционными системами
|
||||
- Поддержать [свободу программного обеспечения](https://www.gnu.org/philosophy/free-sw.en.html#four-freedoms)
|
||||
- Использовать системы, ориентированные на конфиденциальность, такие как [Whonix](https://www.whonix.org) или [Tails](https://tails.boum.org/index.ru.html)
|
||||
|
||||
Our website generally uses the term “Linux” to describe desktop Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed here.
|
||||
На нашем сайте термин "Linux" обычно используется для описания дистрибутивов Linux для настольных компьютеров. Другие операционные системы, которые также используют ядро Linux (ChromeOS, Android и Qubes OS) здесь не рассматриваются.
|
||||
|
||||
[Our Linux Recommendations :material-arrow-right-drop-circle:](../desktop.md ""){.md-button}
|
||||
[Наши рекомендации Linux :material-arrow-right-drop-circle:](../desktop.md ""){.md-button}
|
||||
|
||||
## Choosing your distribution
|
||||
## Выбор дистрибутива
|
||||
|
||||
Not all Linux distributions are created equal. While our Linux recommendation page is not meant to be an authoritative source on which distribution you should use, there are a few things you should keep in mind when choosing which distribution to use.
|
||||
|
||||
### Release cycle
|
||||
### Цикл релиза
|
||||
|
||||
We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates.
|
||||
|
||||
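Review bot: The translated Tails bullet changes the link target from `https://tails.boum.org/` to `https://tails.boum.org/index.ru.html`, while the Whonix link in the same bullet is left untouched. A localized path hard-coded in a translation string ties the page to the upstream site's URL layout, so confirm that the path resolves or keep the source URL. Separately, the headings "Выбор дистрибутива" and "Цикл релиза" are translated while the paragraphs under them are still English, so the rendered page will switch language mid-section until those strings are translated too.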
@ -38,7 +38,7 @@ We don’t believe holding packages back and applying interim patches is a good
|
||||
<iframe width="560" height="315" src="https://invidious.privacyguides.net/embed/i8c0mg_mS7U?local=true" title="Regular Releases are Wrong, Roll for your life" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
|
||||
</div>
|
||||
|
||||
### Traditional vs Atomic updates
|
||||
### Традиционные vs атомные обновления
|
||||
|
||||
Traditionally, Linux distributions update by sequentially updating the desired packages. Traditional updates such as those used in Fedora, Arch Linux, and Debian based distributions can be less reliable if an error occurs while updating.
|
||||
|
||||
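Review bot: In the new heading `### Традиционные vs атомные обновления`, "атомные" is the adjective for atoms in the physical sense (as in "атомная энергия"); the computing sense of an all-or-nothing operation is "атомарные". Suggest `### Традиционные vs атомарные обновления`, and use the same term wherever the body text of this section is translated.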
@ -52,11 +52,11 @@ The Atomic update method is used for immutable distributions like Silverblue, Tu
|
||||
<iframe width="560" height="315" src="https://invidious.privacyguides.net/embed/-hpV5l-gJnQ?local=true" title="Let's try Fedora Silverblue — an immutable desktop OS! - Adam Šamalik" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
|
||||
</div>
|
||||
|
||||
### “Security-focused” distributions
|
||||
### Дистрибутивы "ориентированные на безопасность"
|
||||
|
||||
There is often some confusion between “security-focused” distributions and “pentesting” distributions. A quick search for “the most secure Linux distribution” will often give results like Kali Linux, Black Arch and Parrot OS. These distributions are offensive penetration testing distributions that bundle tools for testing other systems. They don’t include any “extra security” or defensive mitigations intended for regular use.
|
||||
|
||||
### Arch-based distributions
|
||||
### Дистрибутивы на базе Arch
|
||||
|
||||
Arch based distributions are not recommended for those new to Linux, (regardless of distribution) as they require regular [system maintenance](https://wiki.archlinux.org/title/System_maintenance). Arch does not have an distribution update mechanism for the underlying software choices. As a result you have to stay aware with current trends and adopt technologies as they supersede older practices on your own.
|
||||
|
||||
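Review bot: The heading `### Дистрибутивы "ориентированные на безопасность"` replaces the source's typographic quotes with straight ASCII quotes; Russian text normally uses «…» here. The same applies to `"Libre"` and `"Linux"` in the other translated strings of this file, so it is worth settling on one quote style for the whole locale.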
@ -66,20 +66,20 @@ Anyone using the [Arch User Repository (AUR)](https://wiki.archlinux.org/title/A
|
||||
|
||||
If you are experienced with Linux and wish to use an Arch-based distribution, we only recommend mainline Arch Linux, not any of its derivatives. We recommend against these two Arch derivatives specifically:
|
||||
|
||||
- **Manjaro**: This distribution holds packages back for 2 weeks to make sure that their own changes don’t break, not to make sure that upstream is stable. When AUR packages are used, they are often built against the latest [libraries](https://en.wikipedia.org/wiki/Library_(computing)) from Arch’s repositories.
|
||||
- **Garuda**: They use [Chaotic-AUR](https://aur.chaotic.cx/) which automatically and blindly compiles packages from the AUR. There is no verification process to make sure that the AUR packages don’t suffer from supply chain attacks.
|
||||
- **Manjaro**: Этот дистрибутив задерживает пакеты на 2 недели, чтобы убедиться, что их собственные изменения не сломаются, а не для того, чтобы убедиться в стабильности upstream. When AUR packages are used, they are often built against the latest [libraries](https://en.wikipedia.org/wiki/Library_(computing)) from Arch’s repositories.
|
||||
- **Garuda**: Они используют [Chaotic-AUR](https://aur.chaotic.cx/), который автоматически и вслепую компилирует пакеты из AUR. There is no verification process to make sure that the AUR packages don’t suffer from supply chain attacks.
|
||||
|
||||
### Kicksecure
|
||||
|
||||
While we strongly recommend against using outdated distributions like Debian, there is a Debian based operating system that has been hardened to be much more secure than typical Linux distributions: [Kicksecure](https://www.kicksecure.com/). Kicksecure, in oversimplified terms, is a set of scripts, configurations, and packages that substantially reduce the attack surface of Debian. It covers a lot of privacy and hardening recommendations by default.
|
||||
|
||||
### Linux-libre kernel and “Libre” distributions
|
||||
### Ядро Linux-libre и дистрибутивы "Libre"
|
||||
|
||||
We strongly recommend **against** using the Linux-libre kernel, since it [removes security mitigations](https://www.phoronix.com/scan.php?page=news_item&px=GNU-Linux-Libre-5.7-Released) and [suppresses kernel warnings](https://news.ycombinator.com/item?id=29674846) about vulnerable microcode for ideological reasons.
|
||||
Мы настоятельно рекомендуем **не** использовать ядро Linux-libre, поскольку оно [удаляет некоторые компоненты безопасности](https://www.phoronix.com/scan.php?page=news_item&px=GNU-Linux-Libre-5.7-Released) и [подавляет предупреждения ядра](https://news.ycombinator.com/item?id=29674846) об уязвимом микрокоде (по идеологическим причинам).
|
||||
|
||||
## Общие рекомендации
|
||||
|
||||
### Drive Encryption
|
||||
### Шифрование диска
|
||||
|
||||
Most Linux distributions have an option within its installer for enabling [LUKS](../encryption.md#linux-unified-key-setup) FDE. If this option isn’t set at installation time, you will have to backup your data and re-install, as encryption is applied after [disk partitioning](https://en.wikipedia.org/wiki/Disk_partitioning), but before [file systems](https://en.wikipedia.org/wiki/File_system) are formatted. We also suggest securely erasing your storage device:
|
||||
|
||||
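Review bot: Both new bullets are translated only up to the first sentence. In the **Garuda** item, the part left in English ("There is no verification process to make sure that the AUR packages don't suffer from supply chain attacks") is the actual security reason for the recommendation, so a Russian-only reader sees what Chaotic-AUR does but not why it is a risk. The **Manjaro** item has the same gap. In the Linux-libre paragraph, "удаляет некоторые компоненты безопасности" ("removes some security components") is weaker than the source's "removes security mitigations"; this file already renders "exploit mitigations" as "средства защиты от эксплойтов", so "удаляет средства защиты" would keep the terminology consistent.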
@ -97,13 +97,13 @@ Fortunately, common environments such as [GNOME](https://www.gnome.org), [KDE](h
|
||||
|
||||
We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3.
|
||||
|
||||
### Proprietary Firmware (Microcode Updates)
|
||||
### Проприетарная прошивка (обновления микрокода)
|
||||
|
||||
Linux distributions such as those which are [Linux-libre](https://en.wikipedia.org/wiki/Linux-libre) or DIY (Arch Linux) don’t come with the proprietary [microcode](https://en.wikipedia.org/wiki/Microcode) updates that often patch vulnerabilities. Some notable examples of these vulnerabilities include [Spectre](https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)), [Meltdown](https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)), [SSB](https://en.wikipedia.org/wiki/Speculative_Store_Bypass), [Foreshadow](https://en.wikipedia.org/wiki/Foreshadow), [MDS](https://en.wikipedia.org/wiki/Microarchitectural_Data_Sampling), [SWAPGS](https://en.wikipedia.org/wiki/SWAPGS_(security_vulnerability)), and other [hardware vulnerabilities](https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/index.html).
|
||||
|
||||
We **highly recommend** that you install the microcode updates, as your CPU is already running the proprietary microcode from the factory. Fedora and openSUSE both have the microcode updates applied by default.
|
||||
|
||||
### Updates
|
||||
### Обновления
|
||||
|
||||
Most Linux distributions will automatically install updates or remind you to do so. It is important to keep your OS up to date so that your software is patched when a vulnerability is found.
|
||||
|
||||
@ -111,9 +111,9 @@ Some distributions (particularly those aimed at advanced users) are more barebon
|
||||
|
||||
Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd).
|
||||
|
||||
## Privacy Tweaks
|
||||
## Твики конфиденциальности
|
||||
|
||||
### MAC Address Randomization
|
||||
### Рандомизация MAC-адресов
|
||||
|
||||
Many desktop Linux distributions (Fedora, openSUSE, etc.) will come with [NetworkManager](https://en.wikipedia.org/wiki/NetworkManager), to configure Ethernet and Wi-Fi settings.
|
||||
|
||||
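Review bot: "Твики" in `## Твики конфиденциальности` is a slang transliteration of "tweaks" and clashes with the neutral register of the other headings in this file ("Общие рекомендации", "Шифрование диска"). A plain term such as "Настройки конфиденциальности" would fit better.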
@ -125,7 +125,7 @@ If you are using [systemd-networkd](https://en.wikipedia.org/wiki/Systemd#Ancill
|
||||
|
||||
There isn’t many points in randomizing the MAC address for Ethernet connections as a system administrator can find you by looking at the port you are using on the [network switch](https://en.wikipedia.org/wiki/Network_switch). Randomizing Wi-Fi MAC addresses depends on support from the Wi-Fi’s firmware.
|
||||
|
||||
### Other Identifiers
|
||||
### Другие идентификаторы
|
||||
|
||||
There are other system identifiers which you may wish to be careful about. You should give this some thought to see if it applies to your [threat model](../basics/threat-modeling.md):
|
||||
|
||||
@ -133,7 +133,7 @@ There are other system identifiers which you may wish to be careful about. You s
|
||||
- **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name.
|
||||
- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id).
|
||||
|
||||
### System Counting
|
||||
### Подсчёт систем
|
||||
|
||||
The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Counting) how many unique systems access its mirrors by using a [`countme`](https://fedoraproject.org/wiki/Changes/DNF_Better_Counting#Detailed_Description) variable instead of a unique ID. Fedora does this to determine load and provision better servers for updates where necessary.
|
||||
|
||||
|
@ -214,9 +214,9 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [Proton VPN](vpn.md#proton-vpn)
|
||||
- { .twemoji } [IVPN](vpn.md#ivpn)
|
||||
- { .twemoji } [Mullvad](vpn.md#mullvad)
|
||||
- { .twemoji } [Proton VPN](vpn.md#proton-vpn)
|
||||
- { .twemoji } [IVPN](vpn.md#ivpn)
|
||||
- { .twemoji } [Mullvad](vpn.md#mullvad)
|
||||
|
||||
</div>
|
||||
|
||||
|
@ -10,9 +10,9 @@ cover: vpn.png
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [Proton VPN](#proton-vpn)
|
||||
- { .twemoji } [IVPN](#ivpn)
|
||||
- { .twemoji } [Mullvad](#mullvad)
|
||||
- { .twemoji } [Proton VPN](#proton-vpn)
|
||||
- { .twemoji } [IVPN](#ivpn)
|
||||
- { .twemoji } [Mullvad](#mullvad)
|
||||
|
||||
</div>
|
||||
|
||||
@ -147,7 +147,7 @@ IVPN [рекомендует](https://www.ivpn.net/wireguard/) использо
|
||||
|
||||
#### :material-alert-outline:{ .pg-orange } Удаленная переадресация портов
|
||||
|
||||
IVPN previously supported port forwarding, but removed the option in [June 2023](https://www.ivpn.net/blog/gradual-removal-of-port-forwarding). Отсутствие этой функции может негативно сказаться на некоторых приложениях, особенно на пиринговых приложениях, таких как торрент-клиенты.
|
||||
IVPN ранее поддерживал перенаправление портов, но убрал эту опцию в [июне 2023 года](https://www.ivpn.net/blog/gradual-removal-of-port-forwarding). Отсутствие этой функции может негативно сказаться на некоторых приложениях, особенно на пиринговых приложениях, таких как торрент-клиенты.
|
||||
|
||||
#### :material-check:{ .pg-green } Приложения для смартфонов
|
||||
|
||||
|
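Review bot: The new sentence calls the feature "перенаправление портов", while the heading directly above it in the same section reads "Удаленная переадресация портов". Pick one term for port forwarding and use it in both the heading and the paragraph, so readers do not take them for two different features.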