diff --git a/i18n/ar/desktop-browsers.md b/i18n/ar/desktop-browsers.md index 1be29d94..d7376a28 100644 --- a/i18n/ar/desktop-browsers.md +++ b/i18n/ar/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/ar/os/linux-overview.md b/i18n/ar/os/linux-overview.md index 56db7195..1e8a0dbc 100644 --- a/i18n/ar/os/linux-overview.md +++ b/i18n/ar/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/ar/search-engines.md b/i18n/ar/search-engines.md index 0c54e98f..7c2adb77 100644 --- a/i18n/ar/search-engines.md +++ b/i18n/ar/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/bn-IN/desktop-browsers.md b/i18n/bn-IN/desktop-browsers.md index 44b94447..3719c26e 100644 --- a/i18n/bn-IN/desktop-browsers.md +++ b/i18n/bn-IN/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/bn-IN/os/linux-overview.md b/i18n/bn-IN/os/linux-overview.md index 56db7195..1e8a0dbc 100644 --- a/i18n/bn-IN/os/linux-overview.md +++ b/i18n/bn-IN/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/bn-IN/search-engines.md b/i18n/bn-IN/search-engines.md index 53871162..0df0b9b2 100644 --- a/i18n/bn-IN/search-engines.md +++ b/i18n/bn-IN/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/bn/desktop-browsers.md b/i18n/bn/desktop-browsers.md index 44b94447..3719c26e 100644 --- a/i18n/bn/desktop-browsers.md +++ b/i18n/bn/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/bn/os/linux-overview.md b/i18n/bn/os/linux-overview.md index 56db7195..1e8a0dbc 100644 --- a/i18n/bn/os/linux-overview.md +++ b/i18n/bn/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/bn/search-engines.md b/i18n/bn/search-engines.md index 53871162..0df0b9b2 100644 --- a/i18n/bn/search-engines.md +++ b/i18n/bn/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/cs/desktop-browsers.md b/i18n/cs/desktop-browsers.md index f6ef7d4d..6a41638f 100644 --- a/i18n/cs/desktop-browsers.md +++ b/i18n/cs/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/cs/os/linux-overview.md b/i18n/cs/os/linux-overview.md index 56db7195..1e8a0dbc 100644 --- a/i18n/cs/os/linux-overview.md +++ b/i18n/cs/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/cs/search-engines.md b/i18n/cs/search-engines.md index 53871162..0df0b9b2 100644 --- a/i18n/cs/search-engines.md +++ b/i18n/cs/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/de/desktop-browsers.md b/i18n/de/desktop-browsers.md index f79483fd..828f6929 100644 --- a/i18n/de/desktop-browsers.md +++ b/i18n/de/desktop-browsers.md @@ -346,7 +346,7 @@ Die Web3-Funktionen von Brave können deinen Browser-Fingerabdruck und deine Ang #### Brave Rewards und Wallet -Durch **Brave Rewards** erhälst du Basic Attention Token (BAT) Kryptowährung für die Durchführung bestimmter Aktionen in Brave. Es basiert auf einem Account und KYC von einer ausgewählten Anzahl von Anbietern. Wir empfehlen BAT nicht als [private Kryptowährung](cryptocurrency.md), und wir empfehlen auch nicht die Verwendung einer [depotgeführten Geldbörse](advanced/payments.md#other-coins-bitcoin-ethereum-etc). Wir raten also von dieser Funktion ab. +Durch **Brave Rewards** erhälst du Basic Attention Token (BAT) Kryptowährung für die Durchführung bestimmter Aktionen in Brave. Es basiert auf einem Account und KYC von einer ausgewählten Anzahl von Anbietern. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** arbeitet lokal auf Ihrem Computer, unterstützt aber keine privaten Kryptowährungen, weshalb wir auch von dieser Funktion abraten würden. diff --git a/i18n/de/os/linux-overview.md b/i18n/de/os/linux-overview.md index 363bc276..77261d05 100644 --- a/i18n/de/os/linux-overview.md +++ b/i18n/de/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux ist eine Open-Source-Alternative für Desktop-Betriebssysteme, bei der der Datenschutz im Vordergrund steht, aber nicht alle Distributionen sind gleich. --- -**Linux** ist eine Open-Source-Alternative für Desktop-Betriebssysteme, bei der die Privatsphäre im Vordergrund steht. Angesichts der allgegenwärtigen Telemetrie und anderer die Privatsphäre verletzender Technologien in Mainstream-Betriebssystemen ist Linux nach wie vor die erste Wahl für Menschen, die von Grund auf die volle Kontrolle über ihren Computer haben wollen. +**Linux** ist eine Open-Source-Alternative für Desktop-Betriebssysteme, bei der die Privatsphäre im Vordergrund steht. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Auf unserer Website wird der Begriff "Linux" im Allgemeinen zur Beschreibung von **Desktop** Linux-Distributionen verwendet. Andere Betriebssysteme, die ebenfalls den Linux-Kernel verwenden, wie ChromeOS, Android und Qubes OS, werden auf dieser Seite nicht behandelt. @@ -16,7 +16,7 @@ Es gibt einige Datenschutzprobleme bei Linux, die Sie beachten sollten. Trotz di - Telemetrie vermeiden wollen, die oft mit proprietären Betriebssystemen einhergeht - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/de/search-engines.md b/i18n/de/search-engines.md index 738f278b..8c0ac79a 100644 --- a/i18n/de/search-engines.md +++ b/i18n/de/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. Der Index ist für die Google-Suche optimiert und kann daher im Vergleich zu anderen Alternativen möglicherweise kontextgenauere Ergebnisse liefern. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ Wenn du eine SearXNG-Instanz verwendest, beachte unbedingt deren Datenschutzbest ### Mindestanforderungen - Must not collect PII per their privacy policy. -- Sie dürfen den Nutzern nicht erlauben, ein Konto bei ihnen anzulegen. +- Must not require users to create an account with them. ### Im besten Fall diff --git a/i18n/el/desktop-browsers.md b/i18n/el/desktop-browsers.md index 7b4eb922..7d3b213c 100644 --- a/i18n/el/desktop-browsers.md +++ b/i18n/el/desktop-browsers.md @@ -346,7 +346,7 @@ Disable built-in extensions you do not use in **Extensions** #### Brave Rewards and Wallet -Το **Brave Rewards** σας επιτρέπει να λαμβάνετε το κρυπτονόμισμα Basic Attention Token (BAT) για την εκτέλεση ορισμένων ενεργειών στο Brave. Βασίζεται σε custodial λογαριασμό και KYC από έναν επιλεγμένο αριθμό παρόχων. Δεν συνιστούμε το BAT ως [ιδιωτικό κρυπτονόμισμα](cryptocurrency.md), ούτε συνιστούμε τη χρήση ενός [ custodial πορτοφολιού](advanced/payments.md#other-coins-bitcoin-ethereum-etc), οπότε αποθαρρύνουμε τη χρήση αυτής της λειτουργίας. +Το **Brave Rewards** σας επιτρέπει να λαμβάνετε το κρυπτονόμισμα Basic Attention Token (BAT) για την εκτέλεση ορισμένων ενεργειών στο Brave. Βασίζεται σε custodial λογαριασμό και KYC από έναν επιλεγμένο αριθμό παρόχων. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. Το **Brave Wallet** λειτουργεί τοπικά στον υπολογιστή σας, αλλά δεν υποστηρίζει ιδιωτικά κρυπτονομίσματα, οπότε θα αποθαρρύναμε τη χρήση και αυτής της δυνατότητας. diff --git a/i18n/el/os/linux-overview.md b/i18n/el/os/linux-overview.md index ea57dadb..920532eb 100644 --- a/i18n/el/os/linux-overview.md +++ b/i18n/el/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/el/search-engines.md b/i18n/el/search-engines.md index 53871162..0df0b9b2 100644 --- a/i18n/el/search-engines.md +++ b/i18n/el/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/eo/desktop-browsers.md b/i18n/eo/desktop-browsers.md index 44b94447..3719c26e 100644 --- a/i18n/eo/desktop-browsers.md +++ b/i18n/eo/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/eo/os/linux-overview.md b/i18n/eo/os/linux-overview.md index 56db7195..1e8a0dbc 100644 --- a/i18n/eo/os/linux-overview.md +++ b/i18n/eo/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/eo/search-engines.md b/i18n/eo/search-engines.md index 53871162..0df0b9b2 100644 --- a/i18n/eo/search-engines.md +++ b/i18n/eo/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/es/desktop-browsers.md b/i18n/es/desktop-browsers.md index dc8cbb04..bbd09545 100644 --- a/i18n/es/desktop-browsers.md +++ b/i18n/es/desktop-browsers.md @@ -346,7 +346,7 @@ Las funciones Web3 de Brave pueden aumentar potencialmente la huella digital de #### Brave Rewards y Wallet -**Brave Rewards** te permite recibir la criptomoneda Basic Attention Token (BAT) por realizar ciertas acciones dentro de Brave. Se basa en una cuenta de custodia y KYC de un número selecto de proveedores. No recomendamos BAT como [criptomoneda privada](cryptocurrency.md), ni tampoco recomendamos utilizar un [monedero de custodia](advanced/payments.md#other-coins-bitcoin-ethereum-etc), por lo que desaconsejamos utilizar esta función. +**Brave Rewards** te permite recibir la criptomoneda Basic Attention Token (BAT) por realizar ciertas acciones dentro de Brave. Se basa en una cuenta de custodia y KYC de un número selecto de proveedores. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** funciona localmente en tu ordenador, pero no admite ninguna criptomoneda privada, por lo que desaconsejamos utilizar esta función también. diff --git a/i18n/es/os/linux-overview.md b/i18n/es/os/linux-overview.md index 781e43fe..eed1274d 100644 --- a/i18n/es/os/linux-overview.md +++ b/i18n/es/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux es una alternativa de sistema operativo de escritorio de código abierto y centrado en la privacidad, pero no todas las distribuciones son iguales. --- -**Linux** es una alternativa de sistema operativo de escritorio de código abierto centrada en la privacidad. Frente a la telemetría omnipresente y otras tecnologías que atentan contra la privacidad en los principales sistemas operativos, Linux de escritorio ha seguido siendo la opción clara para quienes buscan un control total sobre sus ordenadores desde la base. +**Linux** es una alternativa de sistema operativo de escritorio de código abierto centrada en la privacidad. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. En general, nuestro sitio web utiliza el término "Linux" para describir las distribuciones Linux de **escritorio**. En esta página no se tratan otros sistemas operativos que también utilizan el núcleo Linux, como ChromeOS, Android y Qubes OS. @@ -16,7 +16,7 @@ Linux plantea algunos problemas de privacidad importantes que debes tener en cue - Evitar la telemetría que, regularmente, viene con los sistemas operativos propietarios - Mantener la [libertad de software](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Utilizar sistemas centrados en la privacidad como [Whonix](https://whonix.org) o [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Seguridad de Código Abierto @@ -42,7 +42,7 @@ No todas las distribuciones Linux son iguales. Nuestra [página de recomendacion Recomendamos encarecidamente que elijas distribuciones que permanezcan cerca de los lanzamientos estables del software de origen, comúnmente denominadas como distribuciones de lanzamiento continuo. Esto se debe a que las distribuciones de lanzamiento de ciclo congelado, normalmente no actualizan las versiones de sus paquetes y se encuentran detrás en actualizaciones de seguridad. -Para las distribuciones congeladas como [Debian](https://debian.org/security/faq#handling), se espera que los encargados de mantener los paquetes adapten los parches para corregir vulnerabilidades, en lugar de actualizar el software a la "siguiente versión" lanzada por el desarrollador original. Algunas correcciones de seguridad [no](https://arxiv.org/abs/2105.14565) reciben un [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (en particular el software menos popular) y por lo tanto no llegan a la distribución con este modelo de parches. Como resultado, las correcciones de seguridad menores a veces se retrasan hasta el siguiente lanzamiento importante. +Para las distribuciones congeladas como [Debian](https://debian.org/security/faq#handling), se espera que los encargados de mantener los paquetes adapten los parches para corregir vulnerabilidades, en lugar de actualizar el software a la "siguiente versión" lanzada por el desarrollador original. Algunas correcciones de seguridad [no](https://arxiv.org/abs/2105.14565) reciben un [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (en particular el software menos popular) y por lo tanto no llegan a la distribución con este modelo de parches. As a result, minor security fixes are sometimes held back until the next major release. No creemos que retener paquetes y aplicar parches provisionales sea una buena idea, ya que se aparta de la forma en que el desarrollador podría haber previsto que funcionara el software. [Richard Brown](https://rootco.de/aboutme) tiene una presentación sobre esto: @@ -107,7 +107,7 @@ Si necesitas la función de suspensión en disco (hibernación), tendrás que ut Recomendamos utilizar un entorno de escritorio compatible con el protocolo de visualización [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)), ya que se ha desarrollado teniendo [en cuenta](https://lwn.net/Articles/589147) la seguridad. Su predecesor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) no soporta el aislamiento GUI, lo que permite a cualquier ventana [grabar, registrar e inyectar entradas en otras ventanas](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), haciendo inútil cualquier intento de aislamiento. Aunque hay opciones para hacer X11 anidado como [Xpra](https://en.wikipedia.org/wiki/Xpra) o [Xephyr](https://en.wikipedia.org/wiki/Xephyr), a menudo vienen con consecuencias negativas en el rendimiento, y no son ni convenientes de configurar ni preferibles sobre Wayland. -Afortunadamente, los [compositores wayland](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) como los incluidos con [GNOME](https://gnome.org) y [KDE Plasma](https://kde.org) ahora tienen un buen soporte para Wayland junto con algunos otros compositores que usan [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (por ejemplo [Sway](https://swaywm.org)). Algunas distribuciones como Fedora y Tumbleweed lo utilizan por defecto, y es posible que otras lo hagan en el futuro, ya que X11 está en [modo de mantenimiento duro](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Si estás utilizando uno de esos entornos es tan fácil como seleccionar la sesión "Wayland" en el gestor de pantalla del escritorio ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Algunas distribuciones como Fedora y Tumbleweed lo utilizan por defecto, y es posible que otras lo hagan en el futuro, ya que X11 está en [modo de mantenimiento duro](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Si estás utilizando uno de esos entornos es tan fácil como seleccionar la sesión "Wayland" en el gestor de pantalla del escritorio ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). Estamos **en contra** de usar entornos de escritorio o gestores de ventanas que no tengan soporte para Wayland, como Cinnamon (por defecto en Linux Mint), Pantheon (por defecto en Elementary OS), MATE, Xfce e i3. @@ -123,7 +123,7 @@ La mayoría de las distribuciones de Linux instalan automáticamente las actuali Algunas distribuciones (especialmente las dirigidas a usuarios avanzados) son más básicas y esperan que hagas las cosas tú mismo (por ejemplo, Arch o Debian). Con estas distribuciones será necesario ejecutar manualmente el "gestor de paquetes" (`apt`, `pacman`, `dnf`, etc.) para recibir actualizaciones de seguridad importantes. -Además, algunas distribuciones no descargan automáticamente las actualizaciones de firmware. Para eso necesitarás instalar [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Además, algunas distribuciones no descargan automáticamente las actualizaciones de firmware. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Ajustes de privacidad @@ -145,7 +145,7 @@ Hay otros identificadores del sistema con los que conviene tener cuidado. Deber - **Nombres de host:** El nombre de host de tu sistema se comparte con las redes a las que te conectas. Debes evitar incluir términos identificativos como tu nombre o tu sistema operativo en tu nombre de host, en su lugar, cíñete a términos genéricos o cadenas de caracteres aleatorias. - **Nombres de usuario:** Del mismo modo, tu nombre de usuario se utiliza de diversas maneras en todo el sistema. Considera la posibilidad de utilizar términos genéricos como "usuario" en lugar de tu nombre real. -- **ID de máquina:**Durante la instalación se genera un ID de máquina único que se almacena en tu dispositivo. Considera [configurarlo en un ID genérico](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Considera [configurarlo en un ID genérico](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### Contador de sistema @@ -153,4 +153,4 @@ El Proyecto Fedora [cuenta](https://fedoraproject.org/wiki/Changes/DNF_Better_Co Esta [opción](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) está actualmente desactivada por defecto. Recomendamos añadir `countme=false` en `/etc/dnf/dnf.conf` por si se habilita en el futuro. En sistemas que utilizan `rpm-ostree`, como Silverblue, la opción countme se desactiva enmascarando el temporizador [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems). -openSUSE también utiliza un [ID único](https://en.opensuse.org/openSUSE:Statistics) para contar los sistemas, que puede desactivarse borrando el archivo `/var/lib/zypp/AnonymousUniqueId`. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/es/search-engines.md b/i18n/es/search-engines.md index 53767a89..9d31043b 100644 --- a/i18n/es/search-engines.md +++ b/i18n/es/search-engines.md @@ -32,7 +32,7 @@ Considere usar una [VPN](vpn.md) o [Tor](tor.md) si su modelo de amenaza requier **Brave Search** is a search engine developed by Brave. El índice está optimizado en comparación con Google Search y, por lo tanto, puede proporcionar resultados más precisos contextualmente en comparación con otras alternativas. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Página Principal](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Servicio Onion" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ Cuando utilice una instancia de SearXNG, asegúrese de leer su política de priv ### Requisitos Mínimos - Must not collect PII per their privacy policy. -- No debe permitir que los usuarios creen una cuenta con ellos. +- Must not require users to create an account with them. ### Mejor Caso diff --git a/i18n/fa/desktop-browsers.md b/i18n/fa/desktop-browsers.md index 9fcac4c9..e06d9285 100644 --- a/i18n/fa/desktop-browsers.md +++ b/i18n/fa/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/fa/os/linux-overview.md b/i18n/fa/os/linux-overview.md index a1d14d3d..472a2f28 100644 --- a/i18n/fa/os/linux-overview.md +++ b/i18n/fa/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/fa/search-engines.md b/i18n/fa/search-engines.md index 53871162..0df0b9b2 100644 --- a/i18n/fa/search-engines.md +++ b/i18n/fa/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/fr/desktop-browsers.md b/i18n/fr/desktop-browsers.md index 3d56b68f..184049d8 100644 --- a/i18n/fr/desktop-browsers.md +++ b/i18n/fr/desktop-browsers.md @@ -346,7 +346,7 @@ La [Synchronisation Brave](https://support.brave.com/hc/articles/360059793111-Un #### Récompenses et portefeuille Brave -Les **Récompenses Brave** vous permettent de recevoir de la crypto-monnaie Basic Attention Token (BAT) en effectuant certaines actions dans Brave. Elles s'appuient sur un compte de garde et sur la connaissance du client (KYC) d'un certain nombre de fournisseurs. Nous ne recommandons pas le BAT en tant que [crypto-monnaie privée](cryptocurrency.md), ni l'utilisation d'un [portefeuille de garde](advanced/payments.md#other-coins-bitcoin-ethereum-etc), et nous décourageons donc l'utilisation de cette fonctionnalité. +Les **Récompenses Brave** vous permettent de recevoir de la crypto-monnaie Basic Attention Token (BAT) en effectuant certaines actions dans Brave. Elles s'appuient sur un compte de garde et sur la connaissance du client (KYC) d'un certain nombre de fournisseurs. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. Le **Portefeuille Brave** fonctionne localement sur votre ordinateur, mais ne prend pas en charge les crypto-monnaies privées, nous vous déconseillons donc d'utiliser cette fonctionnalité. diff --git a/i18n/fr/os/linux-overview.md b/i18n/fr/os/linux-overview.md index b8fff884..01e12684 100644 --- a/i18n/fr/os/linux-overview.md +++ b/i18n/fr/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux est un système d'exploitation de bureau alternatif open source, axé sur la protection de la vie privée, mais toutes les distributions ne sont pas créées égales. --- -**Linux** est un système d'exploitation de bureau alternatif, open-source et axé sur la protection de la vie privée. Face à l'omniprésence de la télémétrie et d'autres technologies portant atteinte à la vie privée dans les systèmes d'exploitation courants, Linux est resté le choix le plus évident pour les personnes désireuses de contrôler totalement leur ordinateur de zéro. +**Linux** est un système d'exploitation de bureau alternatif, open-source et axé sur la protection de la vie privée. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Notre site web utilise généralement le terme "Linux" pour décrire les distributions Linux de **bureau**. Les autres systèmes d'exploitation qui utilisent également le noyau Linux, tels que ChromeOS, Android et Qubes OS, ne sont pas abordés sur cette page. @@ -16,7 +16,7 @@ Linux pose quelques problèmes importants en matière de protection de la vie pr - Éviter la télémétrie qui accompagne souvent les systèmes d'exploitation propriétaires - Maintenir la [liberté des logiciels](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Utiliser des systèmes axés sur la protection de la vie privée tels que [Whonix](https://whonix.org) ou [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Sécurité de l'open source @@ -42,7 +42,7 @@ Toutes les distributions Linux ne sont pas créées égales. Notre [page de reco Nous vous recommandons vivement de choisir des distributions qui restent proches des versions stables des logiciels en amont, souvent appelées distributions à publications continues. En effet, les distributions à cycle de publication gelé ne mettent souvent pas à jour les versions des paquets et prennent du retard sur les mises à jour de sécurité. -Pour les distributions gelées telles que [Debian](https://debian.org/security/faq#handling), les responsables de paquets sont censés importer les correctifs pour corriger les vulnérabilités plutôt que de faire passer le logiciel à la "prochaine version" publiée par le développeur en amont. Certains correctifs de sécurité [ne reçoivent pas](https://arxiv.org/abs/2105.14565) du tout [d'ID CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (en particulier les logiciels moins populaires) et ne sont donc pas intégrés dans la distribution avec ce modèle de correctif. Par conséquent, les corrections de sécurité mineures sont parfois reportées à la prochaine version majeure. +Pour les distributions gelées telles que [Debian](https://debian.org/security/faq#handling), les responsables de paquets sont censés importer les correctifs pour corriger les vulnérabilités plutôt que de faire passer le logiciel à la "prochaine version" publiée par le développeur en amont. Certains correctifs de sécurité [ne reçoivent pas](https://arxiv.org/abs/2105.14565) du tout [d'ID CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (en particulier les logiciels moins populaires) et ne sont donc pas intégrés dans la distribution avec ce modèle de correctif. As a result, minor security fixes are sometimes held back until the next major release. Nous ne pensons pas que retenir les paquets et appliquer des correctifs provisoires soit une bonne idée, car cela s'écarte de la manière dont le développeur aurait pu vouloir que le logiciel fonctionne. [Richard Brown](https://rootco.de/aboutme) propose une présentation à ce sujet : @@ -107,7 +107,7 @@ Si vous avez besoin d'une fonctionnalité de suspension sur disque (hibernation) Nous recommandons d'utiliser un environnement de bureau qui prend en charge le protocole d'affichage [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)), car il a été développé en tenant compte de la [sécurité](https://lwn.net/Articles/589147). Son prédécesseur ([X11](https://fr.wikipedia.org/wiki/X_Window_System)) ne prend pas en charge l'isolation de l'interface graphique, ce qui permet à n'importe quelle fenêtre [d'enregistrer, de consigner et d'injecter des données dans d'autres fenêtres](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), rendant toute tentative de sandboxing futile. Bien qu'il existe des options pour faire du X11 imbriqué comme [Xpra](https://en.wikipedia.org/wiki/Xpra) ou [Xephyr](https://en.wikipedia.org/wiki/Xephyr), elles ont souvent des conséquences négatives sur les performances, et ne sont ni pratiques à mettre en place ni préférables à Wayland. -Heureusement, [les compositeurs wayland](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) tels que ceux inclus dans [GNOME](https://gnome.org) et [KDE Plasma](https://kde.org) ont maintenant une bonne prise en charge de Wayland ainsi que d'autres compositeurs qui utilisent [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (par exemple [Sway](https://swaywm.org)). Certaines distributions comme Fedora et Tumbleweed l'utilisent par défaut, et d'autres pourraient le faire à l'avenir car X11 est en [mode maintenance limitée](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Si vous utilisez l'un de ces environnements, il vous suffit de sélectionner la session "Wayland" dans le gestionnaire d'affichage du bureau ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Certaines distributions comme Fedora et Tumbleweed l'utilisent par défaut, et d'autres pourraient le faire à l'avenir car X11 est en [mode maintenance limitée](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Si vous utilisez l'un de ces environnements, il vous suffit de sélectionner la session "Wayland" dans le gestionnaire d'affichage du bureau ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). Nous recommandons **de ne pas** utiliser des environnements de bureau ou des gestionnaires de fenêtres qui ne prennent pas en charge Wayland, comme Cinnamon (par défaut sur Linux Mint), Pantheon (par défaut sur Elementary OS), MATE, Xfce et i3. @@ -123,7 +123,7 @@ La plupart des distributions Linux installent automatiquement les mises à jour Certaines distributions (en particulier celles destinées aux utilisateurs avancés) sont plus dépouillées et attendent de vous que vous fassiez les choses vous-même (par exemple Arch ou Debian). Il faudra manuellement exécuter le "gestionnaire de paquets" (`apt`, `pacman`, `dnf`, etc.) afin de recevoir les mises à jour de sécurité importantes. -En outre, certaines distributions ne téléchargent pas automatiquement les mises à jour du micrologiciel. Pour cela, vous devrez installer [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +En outre, certaines distributions ne téléchargent pas automatiquement les mises à jour du micrologiciel. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Ajustements de confidentialité @@ -145,7 +145,7 @@ Il existe d'autres identifiants de système auxquels vous devez faire attention. - **Noms d'hôte :** Le nom d'hôte de votre système est partagé avec les réseaux auxquels vous vous connectez. Vous devriez éviter d'inclure des termes d'identification comme votre nom ou votre système d'exploitation dans votre nom d'hôte, et vous en tenir plutôt à des termes génériques ou à des chaînes aléatoires. - **Noms d'utilisateur :** De même, votre nom d'utilisateur est utilisé de diverses manières dans votre système. Envisagez d'utiliser des termes génériques comme "utilisateur" plutôt que votre nom réel. -- **Identifiant machine :**: Pendant l'installation, un identifiant machine unique est généré et stocké sur votre appareil. Envisagez de [le régler sur un identifiant générique](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Envisagez de [le régler sur un identifiant générique](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### Comptage des systèmes @@ -153,4 +153,4 @@ Le projet Fedora [compte](https://fedoraproject.org/wiki/Changes/DNF_Better_Coun Cette [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) est actuellement désactivée par défaut. Nous recommandons d'ajouter `countme=false` à `/etc/dnf/dnf.conf` juste au cas où il serait activé dans le futur. Sur les systèmes qui utilisent `rpm-ostree` tels que Silverblue, l'option countme est désactivée en masquant le compteur [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems). -openSUSE utilise également un [identifiant unique](https://en.opensuse.org/openSUSE:Statistics) pour compter les systèmes, qui peut être désactivé en supprimant le fichier `/var/lib/zypp/AnonymousUniqueId`. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/fr/search-engines.md b/i18n/fr/search-engines.md index 34a15d8d..ebf7ab6c 100644 --- a/i18n/fr/search-engines.md +++ b/i18n/fr/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. L'index est optimisé en se basant sur Google Search et peut donc fournir des résultats contextuellement plus précis que d'autres solutions. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ Lorsque vous utilisez une instance SearXNG, assurez-vous d'aller lire sa politiq ### Exigences minimales - Must not collect PII per their privacy policy. -- Ne doit pas permettre aux utilisateurs de créer un compte chez eux. +- Must not require users to create an account with them. ### Dans le meilleur des cas diff --git a/i18n/he/desktop-browsers.md b/i18n/he/desktop-browsers.md index 8e597c26..69a935c7 100644 --- a/i18n/he/desktop-browsers.md +++ b/i18n/he/desktop-browsers.md @@ -346,7 +346,7 @@ If you wish to stay logged in to a particular site you visit often, you can set #### Brave Rewards and Wallet -**Brave Rewards** מאפשר לך לקבל מטבע קריפטוגרפי Basic Attention Token (BAT) עבור ביצוע פעולות מסוימות בתוך Brave. זה מסתמך על חשבון משמורת ו-KYC ממספר נבחר של ספקים. איננו ממליצים על BAT כ[מטבע קריפטוגרפי פרטי](cryptocurrency.md), וגם איננו ממליצים להשתמש ב[ארנק משמורת](advanced/payments.md#other-coins-bitcoin-ethereum-etc), לכן נמנע משימוש בתכונה זו. +**Brave Rewards** מאפשר לך לקבל מטבע קריפטוגרפי Basic Attention Token (BAT) עבור ביצוע פעולות מסוימות בתוך Brave. זה מסתמך על חשבון משמורת ו-KYC ממספר נבחר של ספקים. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** פועל באופן מקומי במחשב שלך, אך אינו תומך במטבעות קריפטוגרפיים פרטיים כלשהם, ולכן אנו נמנע משימוש גם בתכונה זו. diff --git a/i18n/he/os/linux-overview.md b/i18n/he/os/linux-overview.md index 952f61ce..c8c0bf8f 100644 --- a/i18n/he/os/linux-overview.md +++ b/i18n/he/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: לינוקס היא חלופה למערכת הפעלה שולחנית ממוקדת פרטיות בקוד פתוח, אך לא כל ההפצות נוצרות שווה. --- -**Linux** היא חלופה למערכת הפעלה שולחנית בקוד פתוח, ממוקדת פרטיות. מול טלמטריה נרחבת וטכנולוגיות אחרות שפוגעות בפרטיות במערכות הפעלה מיינסטרים, שולחן העבודה של לינוקס נשאר הבחירה הברורה עבור אנשים שמחפשים שליטה מוחלטת על המחשבים שלהם מהיסוד. +**Linux** היא חלופה למערכת הפעלה שולחנית בקוד פתוח, ממוקדת פרטיות. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. האתר שלנו משתמש בדרך כלל במונח "Linux" כדי לתאר הפצות לינוקס של **שולחן העבודה**. מערכות הפעלה אחרות המשתמשות גם בליבת לינוקס כגון ChromeOS, Android ו-Qubes OS אינן נדונות בדף זה. @@ -16,7 +16,7 @@ description: לינוקס היא חלופה למערכת הפעלה שולחני - הימנע מטלמטריה שמגיעה לרוב עם מערכות הפעלה קנייניות - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ description: לינוקס היא חלופה למערכת הפעלה שולחני אנו ממליצים בחום לבחור בהפצות שנשארות קרובות למהדורות התוכנה היציבות במעלה הזרם, המכונה לעתים קרובות הפצות מהדורות מתגלגלות. הסיבה לכך היא שהפצות מחזור שחרור קפוא לרוב אינן מעדכנות גרסאות חבילה ונגררות לפי עדכוני אבטחה. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. חלק מתיקוני האבטחה [לא](https://arxiv.org/abs/2105.14565) מקבלים [מזהה CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (במיוחד תוכנה פחות פופולרית) כלל ולכן אינם נכנסים להפצה עם מודל התיקון הזה. כתוצאה מכך תיקוני אבטחה קלים מתעכבים לפעמים עד לגרסה הגדולה הבאה. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. חלק מתיקוני האבטחה [לא](https://arxiv.org/abs/2105.14565) מקבלים [מזהה CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (במיוחד תוכנה פחות פופולרית) כלל ולכן אינם נכנסים להפצה עם מודל התיקון הזה. As a result, minor security fixes are sometimes held back until the next major release. אנחנו לא מאמינים שהחזקת חבילות והחלת תיקוני ביניים הם רעיון טוב, מכיוון שהוא שונה מהדרך שבה המפתח התכוון שהתוכנה תעבוד. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ We recommend **against** using the Linux-libre kernel, since it [removes securit We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). קודמו ([X11](https://en.wikipedia.org/wiki/X_Window_System)) אינו תומך בבידוד GUI, המאפשר לכל חלון [תיעדו, רשמו והזריקו קלט בחלונות אחרים](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), מה שהופך כל ניסיון לארגז חול חסר תועלת. אמנם יש אפשרויות לעשות X11 מקונן כגון [Xpra](https://en.wikipedia.org/wiki/Xpra) או [Xephyr](https://en.wikipedia.org/wiki/Xephyr), לעתים קרובות הם מגיעים עם השלכות ביצועים שליליות, ואינם נוחים להגדרה ואינם עדיפים על פני Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). אם אתה משתמש באחת מהסביבות האלה זה קל כמו לבחור את הפגישה "Wayland" במנהל התצוגה של שולחן העבודה ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). אם אתה משתמש באחת מהסביבות האלה זה קל כמו לבחור את הפגישה "Wayland" במנהל התצוגה של שולחן העבודה ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). אנו ממליצים **נגד** להשתמש בסביבות שולחן עבודה או במנהלי חלונות שאין להם תמיכה ב-Wayland, כגון Cinnamon (ברירת מחדל ב-Linux Mint), Pantheon (ברירת מחדל במערכת ההפעלה היסודית), MATE, Xfce, ו-i3. @@ -123,7 +123,7 @@ Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protoc חלק מההפצות (במיוחד אלו המיועדות למשתמשים מתקדמים) הן עצמות יותר ומצפות ממך לעשות דברים בעצמך (למשל Arch או Debian). אלה ידרשו להפעיל את "מנהל החבילות" (`apt`, `pacman`, `dnf` וכו') באופן ידני על מנת לקבל עדכוני אבטחה חשובים. -בנוסף, הפצות מסוימות לא יוריד עדכוני קושחה באופן אוטומטי. לשם כך תצטרך להתקין את [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +בנוסף, הפצות מסוימות לא יוריד עדכוני קושחה באופן אוטומטי. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## תיקוני פרטיות @@ -145,7 +145,7 @@ If you are using [systemd-networkd](https://en.wikipedia.org/wiki/Systemd#Ancill - **שמות מארח:** שם המארח של המערכת שלך משותף עם הרשתות שאליהן אתה מתחבר. עליך להימנע מלכלול מונחים מזהים כמו השם או מערכת ההפעלה שלך בשם המארח שלך, במקום להיצמד למונחים גנריים או מחרוזות אקראיות. - **שמות משתמש:** באופן דומה, שם המשתמש שלך משמש במגוון דרכים במערכת שלך. שקול להשתמש במונחים גנריים כמו "משתמש" ולא בשמך האמיתי. -- **מזהה מכונה:** במהלך ההתקנה נוצר מזהה מכונה ייחודי ומאוחסן במכשיר שלך. שקול [להגדיר אותו למזהה גנרי](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. שקול [להגדיר אותו למזהה גנרי](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### ספירת מערכת @@ -153,4 +153,4 @@ If you are using [systemd-networkd](https://en.wikipedia.org/wiki/Systemd#Ancill [אפשרות](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) זו כבויה כעת כברירת מחדל. אנו ממליצים להוסיף את `countme=false` ל-`/etc/dnf/dnf.conf` למקרה שהוא יופעל בעתיד. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE משתמשת גם ב[מזהה ייחודי](https://en.opensuse.org/openSUSE:Statistics) כדי לספור מערכות, אותן ניתן להשבית על ידי מחיקת הקובץ `/var/lib/zypp/AnonymousUniqueId`. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/he/search-engines.md b/i18n/he/search-engines.md index 9cd85417..7290368b 100644 --- a/i18n/he/search-engines.md +++ b/i18n/he/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. האינדקס מותאם לחיפוש Google ולכן עשוי לספק תוצאות מדויקות יותר מבחינה הקשרית בהשוואה לחלופות אחרות. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ SearXNG הוא פרוקסי בינך לבין מנועי החיפוש שמהם ### דרישות מינימליות - Must not collect PII per their privacy policy. -- אסור לאפשר למשתמשים ליצור חשבון אצלם. +- Must not require users to create an account with them. ### המקרה הטוב ביותר diff --git a/i18n/hi/desktop-browsers.md b/i18n/hi/desktop-browsers.md index 44b94447..3719c26e 100644 --- a/i18n/hi/desktop-browsers.md +++ b/i18n/hi/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/hi/os/linux-overview.md b/i18n/hi/os/linux-overview.md index 56db7195..1e8a0dbc 100644 --- a/i18n/hi/os/linux-overview.md +++ b/i18n/hi/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/hi/search-engines.md b/i18n/hi/search-engines.md index 53871162..0df0b9b2 100644 --- a/i18n/hi/search-engines.md +++ b/i18n/hi/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/hu/desktop-browsers.md b/i18n/hu/desktop-browsers.md index 93f0253d..058f6992 100644 --- a/i18n/hu/desktop-browsers.md +++ b/i18n/hu/desktop-browsers.md @@ -347,7 +347,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/hu/os/linux-overview.md b/i18n/hu/os/linux-overview.md index 56db7195..1e8a0dbc 100644 --- a/i18n/hu/os/linux-overview.md +++ b/i18n/hu/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/hu/search-engines.md b/i18n/hu/search-engines.md index 1fbc9f96..dbb7f4a6 100644 --- a/i18n/hu/search-engines.md +++ b/i18n/hu/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Alap elvárások - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Legjobb esetben diff --git a/i18n/id/desktop-browsers.md b/i18n/id/desktop-browsers.md index ce7538a0..968b9c40 100644 --- a/i18n/id/desktop-browsers.md +++ b/i18n/id/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/id/os/linux-overview.md b/i18n/id/os/linux-overview.md index 9cb80a41..d80740fb 100644 --- a/i18n/id/os/linux-overview.md +++ b/i18n/id/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux adalah alternatif sistem operasi desktop sumber terbuka yang berfokus pada privasi, tetapi tidak semua distribusi diciptakan sama. --- -**Linux** adalah alternatif sistem operasi komputer sumber terbuka yang berfokus pada privasi. Dalam menghadapi telemetri yang merajalela dan teknologi lain yang melanggar privasi dalam sistem operasi utama, Linux tetap menjadi pilihan yang jelas bagi mereka yang mencari kendali penuh atas komputer mereka dari awal. +**Linux** adalah alternatif sistem operasi komputer sumber terbuka yang berfokus pada privasi. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Situs web kami umumnya menggunakan istilah "Linux" untuk menjelaskan distribusi Linux **desktop**. Sistem operasi lain yang juga menggunakan kernel Linux seperti ChromeOS, Android, dan Qubes OS tidak dibahas di halaman ini. @@ -16,7 +16,7 @@ Ada beberapa masalah privasi penting pada Linux yang harus Anda sadari. Terlepas - Menghindari telemetri yang sering kali disertakan dengan sistem operasi berpemilik - Menjaga [kebebasan perangkat lunak](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Menggunakan sistem yang berfokus pada privasi seperti [Whonix](https://whonix.org) atau [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Keamanan Sumber Terbuka @@ -42,7 +42,7 @@ Tidak semua distribusi Linux diciptakan sama. [Halaman rekomendasi Linux](../des Kami sangat menyarankan agar Anda memilih distribusi yang dekat dengan rilis perangkat lunak hulu yang stabil, yang sering disebut sebagai distribusi *rolling release*. Hal ini karena distribusi siklus *frozen release* sering kali tidak memperbarui versi paket dan tertinggal dalam pembaruan keamanan. -Untuk distribusi *frozen* seperti [Debian](https://debian.org/security/faq#handling), pengelola paket diharapkan untuk melakukan *backport patch* untuk memperbaiki kerentanan daripada memindahkan perangkat lunak ke "versi berikutnya" yang dirilis oleh pengembang hulu. Beberapa perbaikan keamanan [tidak](https://arxiv.org/abs/2105.14565) menerima [ID CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (terutama perangkat lunak yang kurang populer) sama sekali dan oleh karena itu tidak masuk ke dalam distribusi dengan model penambalan ini. Akibatnya, perbaikan keamanan kecil terkadang tertunda hingga rilis besar berikutnya. +Untuk distribusi *frozen* seperti [Debian](https://debian.org/security/faq#handling), pengelola paket diharapkan untuk melakukan *backport patch* untuk memperbaiki kerentanan daripada memindahkan perangkat lunak ke "versi berikutnya" yang dirilis oleh pengembang hulu. Beberapa perbaikan keamanan [tidak](https://arxiv.org/abs/2105.14565) menerima [ID CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (terutama perangkat lunak yang kurang populer) sama sekali dan oleh karena itu tidak masuk ke dalam distribusi dengan model penambalan ini. As a result, minor security fixes are sometimes held back until the next major release. Kami tidak percaya bahwa menahan paket dan menerapkan tambalan sementara adalah ide yang bagus, karena hal ini menyimpang dari cara kerja perangkat lunak yang diinginkan oleh pengembang. [Richard Brown](https://rootco.de/aboutme) memiliki presentasi tentang hal ini: @@ -107,7 +107,7 @@ Jika Anda memerlukan fungsi suspend-to-disk (hibernasi), Anda masih perlu menggu Kami menyarankan untuk menggunakan lingkungan desktop yang mendukung protokol tampilan [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)), karena protokol ini dikembangkan dengan [mempertimbangkan](https://lwn.net/Articles/589147) keamanan. Pendahulunya ([X11](https://en.wikipedia.org/wiki/X_Window_System)) tidak mendukung isolasi GUI, yang memungkinkan jendela mana pun [merekam, mencatat, dan menyuntikkan input di jendela lain](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), sehingga upaya *sandboxing* menjadi sia-sia. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/id/search-engines.md b/i18n/id/search-engines.md index c47ee027..9fd86a55 100644 --- a/i18n/id/search-engines.md +++ b/i18n/id/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Persyaratan Minimum - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Kasus Terbaik diff --git a/i18n/it/desktop-browsers.md b/i18n/it/desktop-browsers.md index ae4f0524..1593e692 100644 --- a/i18n/it/desktop-browsers.md +++ b/i18n/it/desktop-browsers.md @@ -346,7 +346,7 @@ Le funzionalità Web3 di Brave possono potenzialmente aumentare il fingerprint d #### Ricompense e Portafoglio di Brave -**Brave Rewards** ti consente di ricevere la criptovaluta Basic Attention Token (BAT) per l'esecuzione di certe azioni su Brave. Si affida a un conto custodiale e KYC da un dato numero di fornitori. Sconsigliamo BAT come [criptovaluta privata](cryptocurrency.md), né consigliamo l'utilizzo di un [portafoglio di custodia](advanced/payments.md#other-coins-bitcoin-ethereum-etc), qundi ne scoraggeremo l'utiliizzo. +**Brave Rewards** ti consente di ricevere la criptovaluta Basic Attention Token (BAT) per l'esecuzione di certe azioni su Brave. Si affida a un conto custodiale e KYC da un dato numero di fornitori. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** opera localmente sul tuo computer, ma non supporta alcuna criptovaluta privata, quindi, scoraggiamo l'utilizzo di questa funzione. diff --git a/i18n/it/os/linux-overview.md b/i18n/it/os/linux-overview.md index 05d553e8..8a7982ff 100644 --- a/i18n/it/os/linux-overview.md +++ b/i18n/it/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux è un sistema operativo desktop, open source, incentrato sulla privacy e alternativo, ma non tutte le distribuzioni sono uguali. --- -**Linux** è un sistema operativo per desktop open source, alternativo e incentrato sulla privacy. Di fronte alla telemetria pervasiva e altre tecnologie che violano la privacy nei sistemi operativi tradizionali, i desktop Linux sono rimasti la scelta migliore per coloro che vorrebbero il pieno controllo sui propri computer, da cima a fondo. +**Linux** è un sistema operativo per desktop open source, alternativo e incentrato sulla privacy. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Il nostro sito web utilizza generalmente il termine "Linux" per descrivere le distribuzioni Linux per **desktop**. Altri sistemi operativi che utilizzano anch'essi il kernel di Linux, come ChromeOS, Android e Qubes OS non sono discussi su questa pagina. @@ -16,7 +16,7 @@ Esistono alcune notevoli preoccupazioni sulla privacy con Linux, di cui dovresti - Evitare la telemetria fornita dai sistemi operativi proprietari - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Sicurezza Open Source @@ -42,7 +42,7 @@ Non tutte le distribuzioni Linux sono uguali. La nostra [pagina di consigli per Ti consigliamo vivamente di scegliere le distribuzioni che restano vicine alle release stabili a monte del software, spesso note come distribuzioni a rilascio continuo. Questo perché le distribuzioni a rilascio congelato, spesso, non aggiornano le versioni dei pacchetti e restano indietro con gli aggiornamenti di sicurezza. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Alcune correzioni di sicurezza [non](https://arxiv.org/abs/2105.14565) ricevono affatto un [ID CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (software particolarmente meno popolare) e, dunque, non arrivano alla distribuzione con questo modello di correzione. Di conseguenza, talvolta, le correzioni di sicurezza minori sono rimandate alla versione principale successiva. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Alcune correzioni di sicurezza [non](https://arxiv.org/abs/2105.14565) ricevono affatto un [ID CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (software particolarmente meno popolare) e, dunque, non arrivano alla distribuzione con questo modello di correzione. As a result, minor security fixes are sometimes held back until the next major release. Non crediamo che trattenere i pacchetti e applicare patch provvisorie sia una buona idea, poiché si discosta dal modo in cui lo sviluppatore avrebbe voluto che il software funzionasse. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ Se richiedi la funzionalità di sospensione su disco (ibernazione), dovresti com We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Il suo predecessore ([X11](https://en.wikipedia.org/wiki/X_Window_System)) non supporta l'isolamento della GUI, che consente a qualsiasi finestra di [registrare e iniettare input in altre finestre](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), rendendo futile qualsiasi tentativo di sandboxing. Sebbene esistano delle opzioni per eseguire X11 nidificato, quali [Xpra](https://en.wikipedia.org/wiki/Xpra) o [Xephyr](https://en.wikipedia.org/wiki/Xephyr), queste, spesso, presentano delle conseguenze negative sulle prestazioni e non sono né comode da configurare, né preferibili a Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Se stai utilizzando uno di questi ambienti è molto facile, basta selezionare la sessione “Wayland” nel gestore dello schermo del desktop([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Se stai utilizzando uno di questi ambienti è molto facile, basta selezionare la sessione “Wayland” nel gestore dello schermo del desktop([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). **Sconsigliamo** di usare ambienti desktop o gestori di finestre che non hanno il supporto per Wayland, come Cinnamon (è di default su Linux Mint), Pantheon (è di default su Elementary OS), MATE, Xfce, e i3. @@ -123,7 +123,7 @@ Molte distribuzioni di Linux installano automaticamente gli aggiornamenti o ti r Alcune distribuzioni (in particolare quelle rivolte agli utenti avanzati) sono più scarne e si aspettano che tu faccia le cose da solo (ad esempio Arch o Debian). Per ricevere gli aggiornamenti di sicurezza importanti su queste distribuzioni è necessario eseguire manualmente il "gestore di pacchetti" (`apt`, `pacman`, `dnf`, ecc.). -Inoltre, alcune distribuzioni non scaricano in automatico gli aggiornamenti del firmware. Per questo, dovrai installare [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Inoltre, alcune distribuzioni non scaricano in automatico gli aggiornamenti del firmware. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Miglioramenti della Privacy @@ -145,7 +145,7 @@ Esistono altri identificatori di sistema a cui dovresti prestare attenzione. Dov - **Nomi del host:** Il nome del host del tuo sistema è condiviso con le reti cui ti connetti. Dovresti evitare di includere i termini identificativi, come il tuo nome o sistema operativo nel tuo nome del host, piuttosto utilizzando termini generici o stringhe casuali. - **Nomi utente:** Similmente, il tuo nome utente è utilizzato in vari modi nel tuo sistema. Cerca di utilizzare termini generici come "utente", piuttosto che il tuo nome reale. -- **ID della macchina:** Durante l'installazione, viene generato un ID della macchina univoco, memorizzato sul tuo dispositivo. Considera di [impostarlo a un ID generico](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Considera di [impostarlo a un ID generico](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### Conteggio di Sistema @@ -153,4 +153,4 @@ Fedora Project [conteggia](https://fedoraproject.org/wiki/Changes/DNF_Better_Cou Quest'[opzione](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) è disabilitata di default. Consigliamo di aggiungere `countme=false` a `/etc/dnf/dnf.conf` nel caso in cui venga abilitato in futuro. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -anche openSUSE utilizza un [ID unico](https://en.opensuse.org/openSUSE:Statistics) per contare i sistemi, che può essere disabilitato cancellando il file `/var/lib/zypp/AnonymousUniqueId`. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/it/search-engines.md b/i18n/it/search-engines.md index bfc967b3..d4ae854f 100644 --- a/i18n/it/search-engines.md +++ b/i18n/it/search-engines.md @@ -32,7 +32,7 @@ Considera l'utilizzo di una [VPN](vpn.md) o di [Tor](tor.md), se il tuo modello **Brave Search** is a search engine developed by Brave. L'indice è ottimizzato rispetto a Google Search e, dunque, potrebbe fornire risultati contestualmente più accurati, rispetto ad altre alternative. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ Utilizzando un'istanza di SearXNG, assicurati di leggere la loro politica sulla ### Requisiti minimi - Must not collect PII per their privacy policy. -- Non deve consentire agli utenti di creare un profilo. +- Must not require users to create an account with them. ### Miglior Caso diff --git a/i18n/ja/desktop-browsers.md b/i18n/ja/desktop-browsers.md index ab3c3886..b31417b3 100644 --- a/i18n/ja/desktop-browsers.md +++ b/i18n/ja/desktop-browsers.md @@ -346,7 +346,7 @@ BraveのWeb3機能はブラウザのフィンガープリントなど攻撃面 #### Brave RewardsとWallet -**Brave Rewards**では、Brave内で特定のアクションを実行することで、Basic Attention Token(BAT)という暗号通貨を受け取ることができます。 It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards**では、Brave内で特定のアクションを実行することで、Basic Attention Token(BAT)という暗号通貨を受け取ることができます。 It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/ja/os/linux-overview.md b/i18n/ja/os/linux-overview.md index 357e4496..5857c2fe 100644 --- a/i18n/ja/os/linux-overview.md +++ b/i18n/ja/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Additionally, Linux falls behind in implementing [exploit mitigations](https://m We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/ja/search-engines.md b/i18n/ja/search-engines.md index ae738a84..dbf93067 100644 --- a/i18n/ja/search-engines.md +++ b/i18n/ja/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### 最低要件 - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### 満たされることが望ましい基準 diff --git a/i18n/ko/desktop-browsers.md b/i18n/ko/desktop-browsers.md index 676bb84d..22a317a1 100644 --- a/i18n/ko/desktop-browsers.md +++ b/i18n/ko/desktop-browsers.md @@ -346,7 +346,7 @@ Brave의 Web3 기능은 잠재적으로 브라우저의 핑거프린트와 공 #### Brave Rewards 및 Brave 월렛 -**Brave Rewards**는 Brave 내에서 특정 작업을 수행하여 BAT(Basic Attention Token) 암호화폐를 받을 수 있는 기능입니다. 해당 기능은 일부 선정된 제공 업체의 수탁형 계정과 KYC(고객 신원 확인)에 기반하여 동작합니다. Privacy Guide는 BAT를 [프라이버시 암호화폐](cryptocurrency.md)로 권장하지 않으며, [수탁형 지갑](advanced/payments.md#other-coins-bitcoin-ethereum-etc) 사용 또한 권장하지 않습니다. 따라서 해당 기능은 사용하지 않을 것을 권장합니다. +**Brave Rewards**는 Brave 내에서 특정 작업을 수행하여 BAT(Basic Attention Token) 암호화폐를 받을 수 있는 기능입니다. 해당 기능은 일부 선정된 제공 업체의 수탁형 계정과 KYC(고객 신원 확인)에 기반하여 동작합니다. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave 월렛**은 사용자 컴퓨터 로컬에서 작동하지만, 프라이버시 암호화폐를 지원하지 않으므로 이 또한 사용을 권장하지 않습니다. diff --git a/i18n/ko/os/linux-overview.md b/i18n/ko/os/linux-overview.md index d3b75df2..7f87207a 100644 --- a/i18n/ko/os/linux-overview.md +++ b/i18n/ko/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - 독점 소프트웨어에 자주 따라오는 데이터 수집을 피하고 싶을 때 - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/ko/search-engines.md b/i18n/ko/search-engines.md index a1fb98c6..b78a59ef 100644 --- a/i18n/ko/search-engines.md +++ b/i18n/ko/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. 해당 색인은 Google 검색에 최적화되어 있으므로, 다른 대안에 비해 문맥상 더 정확한 결과를 제공할 수 있습니다. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ SearXNG 인스턴스를 사용하는 경우에는 해당 인스턴스의 프라 ### 최소 요구 사항 - Must not collect PII per their privacy policy. -- 해당 서비스에서는 사용자가 계정을 만들 수 없어야 합니다. +- Must not require users to create an account with them. ### 우대 사항 diff --git a/i18n/ku-IQ/desktop-browsers.md b/i18n/ku-IQ/desktop-browsers.md index 44b94447..3719c26e 100644 --- a/i18n/ku-IQ/desktop-browsers.md +++ b/i18n/ku-IQ/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/ku-IQ/os/linux-overview.md b/i18n/ku-IQ/os/linux-overview.md index 56db7195..1e8a0dbc 100644 --- a/i18n/ku-IQ/os/linux-overview.md +++ b/i18n/ku-IQ/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/ku-IQ/search-engines.md b/i18n/ku-IQ/search-engines.md index 26549697..d810dcc4 100644 --- a/i18n/ku-IQ/search-engines.md +++ b/i18n/ku-IQ/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/nl/desktop-browsers.md b/i18n/nl/desktop-browsers.md index 2ce02664..ba109624 100644 --- a/i18n/nl/desktop-browsers.md +++ b/i18n/nl/desktop-browsers.md @@ -339,7 +339,7 @@ De Web3-functies van Brave kunnen de vingerafdruk van jouw browser en het aanval #### Brave Rewards en Wallet -**Met Brave Rewards** kun je Basic Attention Token (BAT) cryptocurrency ontvangen voor het uitvoeren van bepaalde acties binnen Brave. Het is afhankelijk van een bewaarrekening en KYC van een select aantal providers. Wij raden BAT niet aan als een [private cryptocurrency](cryptocurrency.md), noch raden wij het gebruik van een [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc)aan, dus raden wij het gebruik van deze functie af. +**Met Brave Rewards** kun je Basic Attention Token (BAT) cryptocurrency ontvangen voor het uitvoeren van bepaalde acties binnen Brave. Het is afhankelijk van een bewaarrekening en KYC van een select aantal providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** werkt lokaal op jouw computer, maar ondersteunt geen private cryptocurrencies, dus we raden het gebruik van deze functie ook af. diff --git a/i18n/nl/os/linux-overview.md b/i18n/nl/os/linux-overview.md index 0fe826bd..f3c159e8 100644 --- a/i18n/nl/os/linux-overview.md +++ b/i18n/nl/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is een open-source, privacy-gericht desktop besturingssysteem alternatief, maar niet alle distributies zijn gelijk. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Vermijd telemetrie die vaak gepaard gaat met propriëtaire besturingssystemen - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Niet alle Linux-distributies zijn gelijk geschapen. Our [Linux recommendation pa Wij raden je ten zeerste aan distributies te kiezen die dicht bij de stabiele upstream software releases blijven, vaak aangeduid als rolling release distributies. Dit komt omdat distributies met een bevroren releasecyclus vaak de pakketversies niet bijwerken en achterlopen op beveiligingsupdates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. Als gevolg daarvan worden kleine beveiligingsupdates soms uitgesteld tot de volgende grote release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. Wij geloven niet dat het een goed idee is om pakketten tegen te houden en tussentijdse patches toe te passen, aangezien dit afwijkt van de manier waarop de ontwikkelaar de software bedoeld zou kunnen hebben. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Als je een van deze omgevingen gebruikt is het zo eenvoudig als het selecteren van de "Wayland" sessie bij de desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Als je een van deze omgevingen gebruikt is het zo eenvoudig als het selecteren van de "Wayland" sessie bij de desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). Wij raden **aan tegen** door desktop omgevingen of window managers te gebruiken die geen Wayland ondersteuning hebben, zoals Cinnamon (standaard op Linux Mint), Pantheon (standaard op Elementary OS), MATE, Xfce, en i3. @@ -123,7 +123,7 @@ De meeste Linux-distributies zullen automatisch updates installeren of u eraan h Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). Hiervoor moet de "pakketbeheerder" (`apt`, `pacman`, `dnf`, enz.) handmatig worden uitgevoerd om belangrijke beveiligingsupdates te ontvangen. -Bovendien downloaden sommige distributies firmware-updates niet automatisch. Daarvoor moet je [`fwupd`](https://wiki.archlinux.org/title/Fwupd)installeren. +Bovendien downloaden sommige distributies firmware-updates niet automatisch. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ Er zijn andere systeemidentifiers waar u misschien voorzichtig mee moet zijn. Je - **Hostnamen:** De hostnaam van jouw systeem wordt gedeeld met de netwerken waarmee je verbinding maakt. Je kunt beter geen identificerende termen zoals jouw naam of besturingssysteem in jouw hostnaam opnemen, maar het bij algemene termen of willekeurige strings houden. - **Gebruikersnamen:** Ook jouw gebruikersnaam wordt op verschillende manieren in jouw systeem gebruikt. Gebruik liever algemene termen als "gebruiker" dan jouw eigenlijke naam. -- **Machine ID:**: Tijdens de installatie wordt een unieke machine ID gegenereerd en opgeslagen op jouw toestel. Overweeg [het in te stellen op een generieke ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Overweeg [het in te stellen op een generieke ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### Systeemtelling @@ -153,4 +153,4 @@ Het Fedora Project [telt](https://fedoraproject.org/wiki/Changes/DNF_Better_Coun Deze [optie](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) staat momenteel standaard uit. We raden aan om `countme=false` toe te voegen aan `/etc/dnf/dnf.conf` voor het geval het in de toekomst wordt ingeschakeld. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE gebruikt ook een [unieke ID](https://en.opensuse.org/openSUSE:Statistics) om systemen te tellen, die kan worden uitgeschakeld door het bestand `/var/lib/zypp/AnonymousUniqueId` te verwijderen. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/nl/search-engines.md b/i18n/nl/search-engines.md index d45b6029..08ada499 100644 --- a/i18n/nl/search-engines.md +++ b/i18n/nl/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. De index is geoptimaliseerd voor Google Search en kan daarom contextueel nauwkeurigere resultaten bieden dan andere alternatieven. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ Wanneer je een SearXNG-instantie gebruikt, moet je zeker hun privacybeleid lezen ### Minimale vereisten - Must not collect PII per their privacy policy. -- Mag niet toestaan dat gebruikers bij hen een account aanmaken. +- Must not require users to create an account with them. ### Beste geval diff --git a/i18n/pl/desktop-browsers.md b/i18n/pl/desktop-browsers.md index 9080dbe5..b083670d 100644 --- a/i18n/pl/desktop-browsers.md +++ b/i18n/pl/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/pl/os/linux-overview.md b/i18n/pl/os/linux-overview.md index fe29e338..7b2634fa 100644 --- a/i18n/pl/os/linux-overview.md +++ b/i18n/pl/os/linux-overview.md @@ -4,7 +4,7 @@ icon: fontawesome/brands/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/pl/search-engines.md b/i18n/pl/search-engines.md index 611edd59..d17113e9 100644 --- a/i18n/pl/search-engines.md +++ b/i18n/pl/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/pt-BR/desktop-browsers.md b/i18n/pt-BR/desktop-browsers.md index 7b17db55..c8df5140 100644 --- a/i18n/pt-BR/desktop-browsers.md +++ b/i18n/pt-BR/desktop-browsers.md @@ -346,7 +346,7 @@ As funcionalidades Web3 do Brave podem potencialmente acrescentar à impressão #### Recompensas Brave e Carteira -O **Brave Rewards** te permite receber a criptomoeda Basic Attention Token (BAT) por performar certas atividades através do Brave. Ele depende de uma conta de custódia e KYC de um número selecionado de provedores. Nós não recomendamos o BAT como uma [criptomoeda privada](cryptocurrency.md), tampouco recomendamos usar uma [carteira de custódia](advanced/payments.md#other-coins-bitcoin-ethereum-etc), então nós desencorajamos o uso dessa função. +O **Brave Rewards** te permite receber a criptomoeda Basic Attention Token (BAT) por performar certas atividades através do Brave. Ele depende de uma conta de custódia e KYC de um número selecionado de provedores. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. A **Carteira Brave** opera localmente em seu computador, mas não suporta nenhuma criptomoeda privada, então nós desencorajamos o uso dessa ferramenta também. diff --git a/i18n/pt-BR/os/linux-overview.md b/i18n/pt-BR/os/linux-overview.md index 6e55edfa..1a72ac23 100644 --- a/i18n/pt-BR/os/linux-overview.md +++ b/i18n/pt-BR/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/pt-BR/search-engines.md b/i18n/pt-BR/search-engines.md index 68001329..c45fe946 100644 --- a/i18n/pt-BR/search-engines.md +++ b/i18n/pt-BR/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Requisitos Mínimos - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Melhor Caso diff --git a/i18n/pt/desktop-browsers.md b/i18n/pt/desktop-browsers.md index a3c38c10..5bfeb6bb 100644 --- a/i18n/pt/desktop-browsers.md +++ b/i18n/pt/desktop-browsers.md @@ -346,7 +346,7 @@ As funcionalidades Web3 do Brave podem potencialmente aumentar a impressão digi #### Recompensar Brave -**Recompensas Brave** permite-lhe receber criptomoeda Basic Attention Token (BAT) pelo facto de realizar determinadas ações. Baseia-se numa conta de custódia e no KYC de um número selecionado de fornecedores. Não recomendamos a BAT como uma criptomoeda privada [](cryptocurrency.md), nem recomendamos a utilização de uma carteira de custódia [](advanced/payments.md#other-coins-bitcoin-ethereum-etc), pelo que desencorajamos a utilização desta funcionalidade. +**Recompensas Brave** permite-lhe receber criptomoeda Basic Attention Token (BAT) pelo facto de realizar determinadas ações. Baseia-se numa conta de custódia e no KYC de um número selecionado de fornecedores. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **A Brave Wallet** funciona localmente no seu computador, mas não suporta quaisquer criptomoedas privadas, pelo que desencorajamos a utilização desta funcionalidade também. diff --git a/i18n/pt/os/linux-overview.md b/i18n/pt/os/linux-overview.md index b79f925b..cfa65e28 100644 --- a/i18n/pt/os/linux-overview.md +++ b/i18n/pt/os/linux-overview.md @@ -4,7 +4,7 @@ icon: fontawesome/brands/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/pt/search-engines.md b/i18n/pt/search-engines.md index 758d5c32..274bfb85 100644 --- a/i18n/pt/search-engines.md +++ b/i18n/pt/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. O índice está otimizado para emular a pesquisa Google e, por esse motivo, está em condições de fornecer resultados mais precisos em termos contextuais do que outras alternativas. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ Quando estiver a utilizar uma instância do SearXNG, certifique-se de que lê a ### Requisitos mínimos - Must not collect PII per their privacy policy. -- Não deve ser obrigatório criar uma conta. +- Must not require users to create an account with them. ### Melhor caso diff --git a/i18n/ru/desktop-browsers.md b/i18n/ru/desktop-browsers.md index ae0c0b47..33d99054 100644 --- a/i18n/ru/desktop-browsers.md +++ b/i18n/ru/desktop-browsers.md @@ -346,7 +346,7 @@ If you wish to stay logged in to a particular site you visit often, you can set #### Вознаграждение Brave и Кошелек -**Вознаграждения Brave** позволяют получать криптовалюту Basic Attention Token (BAT) за выполнение определенных действий в Brave. Она опирается на кастодиальный аккаунт и KYC от определенного числа провайдеров. Мы не рекомендуем использовать BAT в качестве [конфиденциальной криптовалюты](cryptocurrency.md), также мы не рекомендуем использовать [кастодиальный кошелек](advanced/payments.md#other-coins-bitcoin-ethereum-etc), поэтому мы не советуем использовать эту функцию. +**Вознаграждения Brave** позволяют получать криптовалюту Basic Attention Token (BAT) за выполнение определенных действий в Brave. Она опирается на кастодиальный аккаунт и KYC от определенного числа провайдеров. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Кошелек Brave** работает локально на твоём компьютере, но не поддерживает никаких конфиденциальных криптовалют, поэтому мы бы не советовали использовать и эту функцию. diff --git a/i18n/ru/os/linux-overview.md b/i18n/ru/os/linux-overview.md index 3afea1e7..59299a5e 100644 --- a/i18n/ru/os/linux-overview.md +++ b/i18n/ru/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux - это альтернативная настольная операционная система с открытым исходным кодом, ориентированная на конфиденциальность, но не все дистрибутивы созданы одинаково. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Избежать телеметрии, которая часто поставляется с проприетарными операционными системами - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Additionally, Linux falls behind in implementing [exploit mitigations](https://m Мы настоятельно рекомендуем вам выбирать дистрибутивы, которые близки к стабильным релизам программного обеспечения, часто называемые дистрибутивами с плавающим релизом. Это связано с тем, что дистрибутивы с замороженным циклом выпуска часто не обновляют версии пакетов и не получают обновлений безопасности. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. В результате незначительные исправления безопасности иногда задерживаются до следующего крупного релиза. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. Мы не считаем, что задержка пакетов и применение промежуточных исправлений является хорошей идеей, так как это расходится с тем, как разработчик мог задумать работу программного обеспечения. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Если вы используете одну из этих сред, можно просто выбрать сессию "Wayland" в менеджере отображения рабочего стола ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Если вы используете одну из этих сред, можно просто выбрать сессию "Wayland" в менеджере отображения рабочего стола ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). Мы рекомендуем **не использовать** окружения рабочего стола или оконные менеджеры, которые не имеют поддержки Wayland, например Cinnamon (по умолчанию в Linux Mint), Pantheon (стандартный в Elementary OS), MATE, Xfce и i3. @@ -123,7 +123,7 @@ We **highly recommend** that you install microcode updates, as they contain impo Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). Для получения важных обновлений безопасности потребуется вручную запустить "менеджер пакетов" (`apt`, `pacman`, `dnf` и т.д.). -Кроме того, некоторые дистрибутивы не будут автоматически загружать обновления прошивки. Для этого вам нужно установить [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Кроме того, некоторые дистрибутивы не будут автоматически загружать обновления прошивки. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Твики конфиденциальности @@ -145,7 +145,7 @@ MAC address randomization is primarily beneficial for Wi-Fi connections. For Eth - **Хост-имена:** Имя хоста вашей системы является общим для сетей, к которым вы подключаетесь. Вам следует избегать включения в имя хоста идентифицирующих терминов, таких как ваше имя или операционная система, вместо этого следует использовать общие термины или случайные строки. - **Имена пользователей:** Аналогично, ваше имя пользователя используется различными способами в вашей системе. Рассмотрите возможность использования общих терминов, таких как "пользователь", вместо вашего настоящего имени. -- **Идентификатор устройства:**: Во время установки генерируется уникальный идентификатор устройства, который сохраняется на вашем устройстве. Рассмотрите возможность [установки случайного идентификатора](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Рассмотрите возможность [установки случайного идентификатора](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### Подсчёт систем @@ -153,4 +153,4 @@ MAC address randomization is primarily beneficial for Wi-Fi connections. For Eth Эта [опция](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) в настоящее время по умолчанию выключена. Мы рекомендуем добавить `countme=false` в `/etc/dnf/dnf.conf` на случай, если она будет включена в будущем. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE также использует [уникальный идентификатор](https://en.opensuse.org/openSUSE:Statistics) для подсчета систем, который можно отключить, удалив файл `/var/lib/zypp/AnonymousUniqueId`. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/ru/search-engines.md b/i18n/ru/search-engines.md index 97d4addf..4a2f3f21 100644 --- a/i18n/ru/search-engines.md +++ b/i18n/ru/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. Индекс оптимизирован под Google Search и поэтому может предоставлять более контекстно точные результаты по сравнению с другими альтернативами. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ SearXNG — это прокси между пользователями и по ### Минимальные требования к сервисам - Must not collect PII per their privacy policy. -- Не должны позволять пользователям создавать учетную запись у них. +- Must not require users to create an account with them. ### В лучшем случае diff --git a/i18n/sv/desktop-browsers.md b/i18n/sv/desktop-browsers.md index 0f631f80..83f2d15e 100644 --- a/i18n/sv/desktop-browsers.md +++ b/i18n/sv/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/sv/os/linux-overview.md b/i18n/sv/os/linux-overview.md index 748e4bb1..4d492dd4 100644 --- a/i18n/sv/os/linux-overview.md +++ b/i18n/sv/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Undvik telemetri som ofta kommer med egna operativsystem - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Inte alla Linux-distributioner är skapade lika. Our [Linux recommendation page] Vi rekommenderar starkt att du väljer distributioner som ligger nära de stabila uppströmsutgåvorna, ofta kallade rullande utgåvor. Detta beror på att frysta utgåvor ofta inte uppdaterar paketversioner och hamnar bakom säkerhetsuppdateringar. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. Som ett resultat hålls mindre säkerhetskorrigeringar ibland tillbaka till nästa stora utgåva. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. Vi tror inte att hålla paket tillbaka och tillämpa tillfälliga patchar är en bra idé, eftersom det skiljer sig från hur utvecklaren kan ha avsett att programvaran ska fungera. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Om du använder en av dessa miljöer är det lika enkelt som att välja "Wayland"-sessionen i skrivbordsdisplayhanteraren ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). Om du använder en av dessa miljöer är det lika enkelt som att välja "Wayland"-sessionen i skrivbordsdisplayhanteraren ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). Vi rekommenderar **mot** om du använder skrivbordsmiljöer eller fönsterhanterare som inte har stöd för Wayland, till exempel Cinnamon (standard i Linux Mint), Pantheon (standard i Elementary OS), MATE, Xfce och i3. @@ -123,7 +123,7 @@ De flesta Linuxdistributioner installerar automatiskt uppdateringar eller påmin Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). Dessa kräver att du kör "pakethanteraren" (`apt`, `pacman`, `dnf`, etc.) manuellt för att få viktiga säkerhetsuppdateringar. -Dessutom hämtar vissa distributioner inte uppdateringar av den fasta programvaran automatiskt. För detta måste du installera [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Dessutom hämtar vissa distributioner inte uppdateringar av den fasta programvaran automatiskt. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Verktyg för integritet @@ -145,7 +145,7 @@ Det finns andra systemidentifierare som du bör vara försiktig med. Du bör fun - **Värdnamn:** Systemets värdnamn delas med de nätverk du ansluter till. Du bör undvika att inkludera identifierande termer som ditt namn eller operativsystem i ditt värdnamn och i stället hålla dig till generiska termer eller slumpmässiga strängar. - **Användarnamn:** På samma sätt används ditt användarnamn på olika sätt i systemet. Överväg att använda generiska termer som "användare" snarare än ditt faktiska namn. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/sv/search-engines.md b/i18n/sv/search-engines.md index e86594a2..0c610ff8 100644 --- a/i18n/sv/search-engines.md +++ b/i18n/sv/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimikrav - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Bästa fall diff --git a/i18n/tr/desktop-browsers.md b/i18n/tr/desktop-browsers.md index fdfb1cb6..4e341e13 100644 --- a/i18n/tr/desktop-browsers.md +++ b/i18n/tr/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/tr/os/linux-overview.md b/i18n/tr/os/linux-overview.md index 489fcfd8..908f8799 100644 --- a/i18n/tr/os/linux-overview.md +++ b/i18n/tr/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/tr/search-engines.md b/i18n/tr/search-engines.md index b895b686..194d2c2f 100644 --- a/i18n/tr/search-engines.md +++ b/i18n/tr/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/uk/desktop-browsers.md b/i18n/uk/desktop-browsers.md index 47ba23ae..5a0dc225 100644 --- a/i18n/uk/desktop-browsers.md +++ b/i18n/uk/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/uk/os/linux-overview.md b/i18n/uk/os/linux-overview.md index 56db7195..1e8a0dbc 100644 --- a/i18n/uk/os/linux-overview.md +++ b/i18n/uk/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/uk/search-engines.md b/i18n/uk/search-engines.md index 67145f66..c091c95d 100644 --- a/i18n/uk/search-engines.md +++ b/i18n/uk/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/vi/desktop-browsers.md b/i18n/vi/desktop-browsers.md index dd6ac892..9adb9786 100644 --- a/i18n/vi/desktop-browsers.md +++ b/i18n/vi/desktop-browsers.md @@ -346,7 +346,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/vi/os/linux-overview.md b/i18n/vi/os/linux-overview.md index 56db7195..1e8a0dbc 100644 --- a/i18n/vi/os/linux-overview.md +++ b/i18n/vi/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - Avoid telemetry that often comes with proprietary operating systems - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Not all Linux distributions are created equal. Our [Linux recommendation page](. We highly recommend that you choose distributions which stay close to the stable upstream software releases, often referred to as rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates. -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release. +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). If you’re using one of those environments it is as easy as selecting the “Wayland” session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)). We recommend **against** using desktop environments or window managers that do not have Wayland support, such as Cinnamon (default on Linux Mint), Pantheon (default on Elementary OS), MATE, Xfce, and i3. @@ -123,7 +123,7 @@ Most Linux distributions will automatically install updates or remind you to do Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). These will require running the "package manager" (`apt`, `pacman`, `dnf`, etc.) manually in order to receive important security updates. -Additionally, some distributions will not download firmware updates automatically. For that you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). +Additionally, some distributions will not download firmware updates automatically. For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## Privacy Tweaks @@ -145,7 +145,7 @@ There are other system identifiers which you may wish to be careful about. You s - **Hostnames:** Your system's hostname is shared with the networks you connect to. You should avoid including identifying terms like your name or operating system in your hostname, instead sticking to generic terms or random strings. - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. -- **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). ### System Counting @@ -153,4 +153,4 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file. +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/vi/search-engines.md b/i18n/vi/search-engines.md index 5cb45f54..812d771d 100644 --- a/i18n/vi/search-engines.md +++ b/i18n/vi/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case diff --git a/i18n/zh-Hant/desktop-browsers.md b/i18n/zh-Hant/desktop-browsers.md index 78f31469..cfadffe7 100644 --- a/i18n/zh-Hant/desktop-browsers.md +++ b/i18n/zh-Hant/desktop-browsers.md @@ -347,7 +347,7 @@ Brave 的 Web3 功能可能會增加您的瀏覽器指紋和攻擊面。 除非 #### Brave 獎勵與錢包 -** Brave 獎勵** 可讓您在 Brave 執行某些動作時獲得Basic Attention Token (BAT) 加密貨幣。 它依賴於由少數提供商的託管帳號和 KYC。 我們不建議使用 BAT 作為[私密加密貨幣](cryptocurrency.md),也不建議使用[托管錢包](advanced/payments.md#other-coins-bitcoin-ethereum-etc),因此我們不建議使用此功能。 +** Brave 獎勵** 可讓您在 Brave 執行某些動作時獲得Basic Attention Token (BAT) 加密貨幣。 它依賴於由少數提供商的託管帳號和 KYC。 We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave 錢包** 在您的電腦上本地運行,但不支援任何私密加密貨幣,因此我們也不建議使用此功能。 diff --git a/i18n/zh-Hant/os/linux-overview.md b/i18n/zh-Hant/os/linux-overview.md index dd94bfdb..b3e4bcec 100644 --- a/i18n/zh-Hant/os/linux-overview.md +++ b/i18n/zh-Hant/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux 為開源、以隱私為中心的桌面作業系統替代選項,但並非所有發行版都一模一樣。 --- -**Linux** 是開源、注重隱私的桌面作業系統替代方案。 面對主流作業系統中普遍存在的遙測和其他侵犯隱私的技術,Linux 桌面仍是那些用戶希望能完全控制電腦的明智選擇。 +**Linux** 是開源、注重隱私的桌面作業系統替代方案。 In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. 我們網站通常使用術語 "Linux "來講述桌面Linux 發行版。 其它也使用Linux內核的作業系統,如 ChromeOS、Android 和Qubes OS,此處不作討論。 @@ -16,7 +16,7 @@ description: Linux 為開源、以隱私為中心的桌面作業系統替代選 - 避免商業作業系統經常出現的遙測現象 - 維護 [軟體自由](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- 使用專注隱私的系統如: [Whonix](https://whonix.org) 或 [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### 開源安全 @@ -44,7 +44,7 @@ description: Linux 為開源、以隱私為中心的桌面作業系統替代選 像 [Debian](https://debian.org/security/faq#handling)這樣的凍結發行版,套件維護人員預計會回移補丁修復漏洞,而不是將軟體提昇到上遊開發人員發布的“下一個版本”。 某些安全修復 -根本没收到 [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (特别是不流行的軟體),在此種補丁模式不會放入發行版。 因此小型安全修復有時候要等到下次主要發佈時才一起進行。

+根本没收到 [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (特别是不流行的軟體),在此種補丁模式不會放入發行版。 As a result, minor security fixes are sometimes held back until the next major release.

我們不認為保留軟體套件和應用臨時補丁是好主意,因為它偏離了開發者計畫讓軟體工作的方式。 [Richard Brown](https://rootco.de/aboutme) 對此有一份簡報: @@ -121,7 +121,7 @@ description: Linux 為開源、以隱私為中心的桌面作業系統替代選 建議使用支持 [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) 顯示協議的桌面環境,因為它的開發 [考慮到了安全](https://lwn.net/Articles/589147)。 其前身( [X11](https://en.wikipedia.org/wiki/X_Window_System)),不支持GUI 隔離,允許所有視窗[記錄畫面、日誌和注入其他視窗的輸入](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html),使任何沙盒嘗試都是徒勞。 雖然有一些選項可以做嵌套 X11,比如 [Xpra](https://en.wikipedia.org/wiki/Xpra) 或 [Xephyr](https://en.wikipedia.org/wiki/Xephyr),但它們往往會帶來負面性能,設置也不方便,不如 Wayland 可取。 -幸好 [wayland 組成](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) 例如包括在[GNOME](https://gnome.org) 與[KDE Plasma](https://kde.org) 可以妥善支援 Wayland 與其它使用[wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots)的組件 (例如 [Sway](https://swaywm.org)). 某些發佈版本如 Fedora 和 Tumbleweed 預設使用它,有些則可能在未來也會這樣作在 X11 成為 [硬性維護模式](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly)後。 如果使用以下的桌面環境,就像在桌面顯示管理器中選擇 "Wayland "一樣簡單([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)) 。 +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). 某些發佈版本如 Fedora 和 Tumbleweed 預設使用它,有些則可能在未來也會這樣作在 X11 成為 [硬性維護模式](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly)後。 如果使用以下的桌面環境,就像在桌面顯示管理器中選擇 "Wayland "一樣簡單([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)) 。 我們**反對**使用不支援 Wayland 的桌面環境或視窗管理器,如Cinnamon(Linux Mint)、Pantheon(Elementary OS)、MATE、Xfce 和 i3。 @@ -141,7 +141,7 @@ Linux 發行版,如 [Linux-libre](https://en.wikipedia.org/wiki/Linux-libre) 一些發行版(尤其是那些針對進階用戶)更加簡陋,指望使用者自己能做一些事情(例如 Arch 或 Debian) 例如需要手動運行 "軟體套件管理器" (`apt`, `pacman`, `dnf`等等),以便接收重要的安全更新。 -此外,一些發行版不會自動下載靭體更新。 为此,你将需要安装 [`fwupd`](https://wiki.archlinux.org/title/Fwupd)。 +此外,一些發行版不會自動下載靭體更新。 For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). @@ -169,7 +169,7 @@ MAC 地址隨機化主要有利於 Wi-Fi 連接。 對以太網連接,隨機 - **主機名稱 **,系統的主機名稱會分享到所連接的網路。 應避免主機名稱像你的名字或作業系統等具識別度的術語,最好用一般術語或隨機字符串。 - **用戶名稱 ** 。同樣地,用戶名稱會在系統中以各種方式使用。 考慮用 "用戶 "這樣一般常見字,而不是您的真實姓名。 -- **機器 ID:**:在安裝過程中,會生成一個獨特的機器ID 並存儲在您的設備上。 考慮 [將它設置為一個通用 ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id)。 +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. 考慮 [將它設置為一個通用 ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id)。 @@ -179,4 +179,4 @@ Fedora 專案使用[`countme`](https://fedoraproject.org/wiki/Changes/DNF_Better 這個 [選項](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) ,目前預設為關閉。 我們建議將 `countme=false` 添加到 `/etc/dnf/dnf.conf` ,以備將來啟用。 使用 `rpm-ostree` 的系統,如 Silverblue,通過遮蔽 [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) 計時器來禁用 countme 選項。 -openSUSE 還使用[唯一的 ID](https://en.opensuse.org/openSUSE:Statistics) 來計算系統,可以通過刪除 `/var/lib/zypp/AnonymousUniqueId` 檔來禁用它。 +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/zh-Hant/search-engines.md b/i18n/zh-Hant/search-engines.md index 2db8c768..3948c16f 100644 --- a/i18n/zh-Hant/search-engines.md +++ b/i18n/zh-Hant/search-engines.md @@ -32,7 +32,7 @@ The recommendations here do not collect personally identifying information (PII) **Brave Search** is a search engine developed by Brave. 該索引是針對 Google 搜索進行優化,因此與其他替代方案相比,可以提供更具上下文準確性的結果。 -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ SearXNG 是您和它所聚合的搜尋引擎之間的代理。 您的搜尋查 ### 最低合格要求 - Must not collect PII per their privacy policy. -- 不得要求使用者建立帳戶。 +- Must not require users to create an account with them. ### 最佳案例 diff --git a/i18n/zh/desktop-browsers.md b/i18n/zh/desktop-browsers.md index 3ecd8b7e..913f6322 100644 --- a/i18n/zh/desktop-browsers.md +++ b/i18n/zh/desktop-browsers.md @@ -373,7 +373,7 @@ Brave 的 Web3 功能可能会增加浏览器指纹和攻击面。 如果您不 #### Brave Rewards and Wallet -**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#other-coins-bitcoin-ethereum-etc), so we would discourage using this feature. +**Brave Rewards** lets you recieve Basic Attention Token (BAT) cryptocurrency for performing certain actions within Brave. It relies on a custodial account and KYC from a select number of providers. We do not recommend BAT as a [private cryptocurrency](cryptocurrency.md), nor do we recommend using a [custodial wallet](advanced/payments.md#wallet-custody), so we would discourage using this feature. **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. diff --git a/i18n/zh/os/linux-overview.md b/i18n/zh/os/linux-overview.md index 1878ce8d..6c4ebc1f 100644 --- a/i18n/zh/os/linux-overview.md +++ b/i18n/zh/os/linux-overview.md @@ -4,7 +4,7 @@ icon: simple/linux description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal. --- -**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, Linux desktop has remained the clear choice for people looking for total control over their computers from the ground up. +**Linux** is an open-source, privacy-focused desktop operating system alternative. In the face of pervasive telemetry and other privacy-encroaching technologies in mainstream operating systems, desktop Linux has remained the clear choice for people looking for total control over their computers from the ground up. Our website generally uses the term “Linux” to describe **desktop** Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed on this page. @@ -16,7 +16,7 @@ There are some notable privacy concerns with Linux which you should be aware of. - 避免专有操作系统中经常出现的遥测现象 - Maintain [software freedom](https://gnu.org/philosophy/free-sw.en.html#four-freedoms) -- Use privacy focused systems such as [Whonix](https://whonix.org) or [Tails](https://tails.net) +- Use privacy-focused systems such as [Whonix](../desktop.md#whonix) or [Tails](../desktop.md#tails) ### Open-Source Security @@ -42,7 +42,7 @@ Additionally, Linux falls behind in implementing [exploit mitigations](https://m 我们强烈建议你选择与稳定的上游软件版本接近的发行版,通常被称为滚动发行版。 这是因为冻结发布周期的发行版往往不更新软件包版本,并且在安全更新方面落后。 -For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. 因此,小的安全修复有时会被推迟到下一个主要版本。 +For frozen distributions such as [Debian](https://debian.org/security/faq#handling), package maintainers are expected to backport patches to fix vulnerabilities rather than bump the software to the “next version” released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) receive a [CVE ID](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result, minor security fixes are sometimes held back until the next major release. 我们不认为保留软件包和应用临时补丁是一个好主意,因为它偏离了开发者可能打算让软件工作的方式。 [Richard Brown](https://rootco.de/aboutme) has a presentation about this: @@ -107,7 +107,7 @@ If you require suspend-to-disk (hibernation) functionality, you will still need We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol, as it was developed with security [in mind](https://lwn.net/Articles/589147). Its predecessor ([X11](https://en.wikipedia.org/wiki/X_Window_System)) does not support GUI isolation, which allows any window to [record, log, and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences, and are neither convenient to set up nor preferable over Wayland. -Fortunately, [wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). 如果你使用的是这些环境之一,就像在桌面显示管理器中选择 "Wayland "会话一样简单([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)) 。 +Fortunately, [Wayland compositors](https://en.wikipedia.org/wiki/Wayland_(protocol)#Wayland_compositors) such as those included with [GNOME](https://gnome.org) and [KDE Plasma](https://kde.org) now have good support for Wayland along with some other compositors that use [wlroots](https://gitlab.freedesktop.org/wlroots/wlroots/-/wikis/Projects-which-use-wlroots), (e.g. [Sway](https://swaywm.org)). Some distributions like Fedora and Tumbleweed use it by default, and some others may do so in the future as X11 is in [hard maintenance mode](https://phoronix.com/news/X.Org-Maintenance-Mode-Quickly). 如果你使用的是这些环境之一,就像在桌面显示管理器中选择 "Wayland "会话一样简单([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [SDDM](https://en.wikipedia.org/wiki/Simple_Desktop_Display_Manager)) 。 我们建议 **,反对使用没有Wayland支持的桌面环境或窗口管理器,如Cinnamon(Linux Mint的默认)、Pantheon(Elementary OS的默认)、MATE、Xfce和i3。

@@ -123,7 +123,7 @@ We **highly recommend** that you install microcode updates, as they contain impo Some distributions (particularly those aimed at advanced users) are more bare bones and expect you to do things yourself (e.g. Arch or Debian). 这些将需要手动运行 "软件包管理器" (`apt`, `pacman`, `dnf`, 等等),以便接收重要的安全更新。 -此外,一些发行版将不会自动下载固件更新。 为此,你将需要安装 [`fwupd`](https://wiki.archlinux.org/title/Fwupd)。 +此外,一些发行版将不会自动下载固件更新。 For that, you will need to install [`fwupd`](https://wiki.archlinux.org/title/Fwupd). ## 隐私调整 @@ -145,7 +145,7 @@ MAC address randomization is primarily beneficial for Wi-Fi connections. For Eth - **主机名。** 你的系统的主机名是与你所连接的网络共享的。 你应该避免在你的主机名中包括像你的名字或操作系统这样的识别术语,而是坚持使用通用术语或随机字符串。 - **用户名。** 同样地,你的用户名在你的系统中以各种方式使用。 考虑使用 "用户 "这样的通用术语,而不是你的真实姓名。 -- **机器ID:**:在安装过程中,会生成一个独特的机器ID并存储在你的设备上。 考虑 [,将其设置为一个通用的ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id)。 +- **Machine ID:** During installation, a unique machine ID is generated and stored on your device. 考虑 [,将其设置为一个通用的ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id)。 ### 系统计数 @@ -153,4 +153,4 @@ Fedora 项目 [通过使用一个 [`countme`](https://fedoraproject.org/wiki/Cha 这个 [选项](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) ,目前默认是关闭的。 我们建议将 `countme=false` 添加到 `/etc/dnf/dnf.conf` ,以备将来启用它。 On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems) timer. -openSUSE 还使用一个 [唯一的 ID](https://en.opensuse.org/openSUSE:Statistics) 来计算系统,可以通过删除 `/var/lib/zypp/AnonymousUniqueId` 文件来禁用它。 +openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by emptying the `/var/lib/zypp/AnonymousUniqueId` file. diff --git a/i18n/zh/search-engines.md b/i18n/zh/search-engines.md index fde1f708..3c1427cc 100644 --- a/i18n/zh/search-engines.md +++ b/i18n/zh/search-engines.md @@ -32,7 +32,7 @@ Consider using a [VPN](vpn.md) or [Tor](tor.md) if your threat model requires hi **Brave Search** is a search engine developed by Brave. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives. -Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results—such as forum posts. +Brave Search includes unique features such as [Discussions](https://search.brave.com/help/discussions), which highlights conversation-focused results such as forum posts. [:octicons-home-16: Homepage](https://search.brave.com){ .md-button .md-button--primary } [:simple-torbrowser:](https://search.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } @@ -43,6 +43,8 @@ Brave Search includes unique features such as [Discussions](https://search.brave +Note that if you use Brave Search while logged in to a Premium account, it may make it easier for Brave to correlate queries with specific users. + We recommend you disable [Anonymous usage metrics](https://search.brave.com/help/usage-metrics) as it is enabled by default and can be disabled within settings. ### DuckDuckGo @@ -121,7 +123,7 @@ When you are using a SearXNG instance, be sure to go read their privacy policy. ### Minimum Requirements - Must not collect PII per their privacy policy. -- Must not allow users to create an account with them. +- Must not require users to create an account with them. ### Best-Case