- { .twemoji loading=lazy } [Cryptomator](encryption.md#cryptomator-cloud)
@@ -418,7 +420,7 @@ For encrypting your operating system drive, we typically recommend using whichev
[Saiba mais :material-arrow-right-drop-circle:](encryption.md)
-#### Clientes OpenPGP
+#### OpenPGP Clients
@@ -605,7 +607,7 @@ For encrypting your operating system drive, we typically recommend using whichev
[Saiba mais :material-arrow-right-drop-circle:](android/distributions.md)
-#### Aplicativos Android
+#### Android Apps
diff --git a/i18n/pt/encryption.md b/i18n/pt/encryption.md
index d33c7d29..c78c82d3 100644
--- a/i18n/pt/encryption.md
+++ b/i18n/pt/encryption.md
@@ -10,7 +10,7 @@ cover: encryption.webp
## Multi-plataforma
-As opções listadas aqui são multi-plataforma e excelentes para criar backups criptografados dos seus dados.
+The options listed here are available on multiple platforms and great for creating encrypted backups of your data.
### VeraCrypt
@@ -124,21 +124,21 @@ When encrypting with VeraCrypt, you have the option to select from different [ha
Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/TrueCrypt#Security_audits), and VeraCrypt has also been [audited separately](https://en.wikipedia.org/wiki/VeraCrypt#VeraCrypt_audit).
-## Sistema operacional incluído Criptografia de disco completo (FDE)
+## Operating System Encryption
Protects against the following threat(s):
- [:material-target-account: Ataques direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
-For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
+Built-in OS encryption solutions generally leverage hardware security features such as a [secure cryptoprocessor](basics/hardware.md#tpmsecure-cryptoprocessor). Therefore, we recommend using the built-in encryption solutions for your operating system. For cross-platform encryption, we still recommend [cross-platform tools](#multi-platform) for additional flexibility and to avoid vendor lock-in.
### BitLocker
-{ align=right }
+{ align=right }
-**BitLocker** é a solução de encriptação de volume completo, em conjunto com o Microsoft Windows. The main reason we recommend it for encrypting your boot drive is because of its [use of TPM](https://learn.microsoft.com/windows/security/information-protection/tpm/how-windows-uses-the-tpm). ElcomSoft, a forensics company, has written about this feature in [Understanding BitLocker TPM Protection](https://blog.elcomsoft.com/2021/01/understanding-BitLocker-tpm-protection).
+**BitLocker** is the full volume encryption solution bundled with Microsoft Windows that uses the Trusted Platform Module ([TPM](https://learn.microsoft.com/windows/security/information-protection/tpm/how-windows-uses-the-tpm)) for hardware-based security.
[:octicons-info-16:](https://learn.microsoft.com/windows/security/information-protection/BitLocker/BitLocker-overview){ .card-link title="Documentation" }
@@ -146,7 +146,7 @@ For encrypting the drive your operating system boots from, we generally recommen
-BitLocker is [only supported](https://support.microsoft.com/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on Pro, Enterprise and Education editions of Windows. It can be enabled on Home editions provided that they meet the prerequisites.
+BitLocker is [officially supported](https://support.microsoft.com/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on the Pro, Enterprise, and Education editions of Windows. It can be enabled on Home editions provided that they meet the following prerequisites.
Enabling BitLocker on Windows Home
@@ -196,7 +196,7 @@ Backup `BitLocker-Recovery-Key.txt` on your Desktop to a separate storage device
{ align=right }
-**FileVault** é a solução de encriptação de volume on-the-fly integrada em macOS. FileVault é recomendado porque [leverages](https://support.apple.com/guide/security/volume-encryption-with-filevault-sec4c6dc1b6e/web) recursos de segurança de hardware presentes em um SoC de silício Apple ou Chip de Segurança T2.
+**FileVault** é a solução de encriptação de volume on-the-fly integrada em macOS. FileVault takes advantage of the [hardware security capabilities](os/macos-overview.md#hardware-security) present on an Apple silicon SoC or T2 Security Chip.
[:octicons-info-16:](https://support.apple.com/guide/mac-help/encrypt-mac-data-with-filevault-mh11785/mac){ .card-link title="Documentation" }
@@ -204,7 +204,7 @@ Backup `BitLocker-Recovery-Key.txt` on your Desktop to a separate storage device
-We recommend storing a local recovery key in a secure place as opposed to using your iCloud account for recovery.
+We advise against using your iCloud account for recovery; instead, you should securely store a local recovery key on a separate storage device.
### Configuração da Chave Unificada Linux (LUKS)
@@ -386,7 +386,7 @@ We suggest [Canary Mail](email-clients.md#canary-mail-ios) for using PGP with em
{ align=right }
-**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail-macos) and macOS.
+**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail-macos) and other email clients on macOS.
We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com/kb/how-to/first-steps-where-do-i-start-where-do-i-begin-setup-gpgtools-create-a-new-key-your-first-encrypted-email) and [Knowledge Base](https://gpgtools.tenderapp.com/kb) for support.
@@ -404,15 +404,15 @@ We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com
-Currently, GPG Suite does [not yet](https://gpgtools.com/sonoma) have a stable release for macOS Sonoma.
+Currently, GPG Suite does [not yet](https://gpgtools.com/sequoia) have a stable release for macOS Sonoma and later.
### OpenKeychain
-{ align=right }
+{ align=right }
-**OpenKeychain** é uma implementação Android do GnuPG. It's commonly required by mail clients such as [Thunderbird](email-clients.md#thunderbird) and [FairEmail](email-clients.md#fairemail-android) and other Android apps to provide encryption support. Cure53 completed a [security audit](https://openkeychain.org/openkeychain-3-6) of OpenKeychain 3.6 in October 2015. Detalhes técnicos sobre a auditoria e as soluções OpenKeychain podem ser encontrados [here](https://github.com/open-keychain/open-keychain/wiki/cure53-Security-Audit-2015).
+**OpenKeychain** is an implementation of GnuPG for Android. It's commonly required by mail clients such as [Thunderbird](email-clients.md#thunderbird), [FairEmail](email-clients.md#fairemail-android), and other Android apps to provide encryption support.
[:octicons-home-16: Homepage](https://openkeychain.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://openkeychain.org/help/privacy-policy){ .card-link title="Privacy Policy" }
@@ -428,6 +428,8 @@ Currently, GPG Suite does [not yet](https://gpgtools.com/sonoma) have a stable r
+Cure53 completed a [security audit](https://openkeychain.org/openkeychain-3-6) of OpenKeychain 3.6 in October 2015. The published audit and OpenKeychain's solutions to the issues raised in the audit can be found [here](https://github.com/open-keychain/open-keychain/wiki/cure53-Security-Audit-2015).
+
## Framadate
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/pt/os/macos-overview.md b/i18n/pt/os/macos-overview.md
index 1ebc2fa9..6af93239 100644
--- a/i18n/pt/os/macos-overview.md
+++ b/i18n/pt/os/macos-overview.md
@@ -122,7 +122,7 @@ Decide whether you want personalized ads based on your usage.
##### FileVault
-On modern devices with a Secure Enclave (Apple T2 Security Chip, Apple silicon), your data is always encrypted, but is decrypted automatically by a hardware key if your device doesn't detect it's been tampered with. Enabling FileVault additionally requires your password to decrypt your data, greatly improving security, especially when powered off or before the first login after powering on.
+On modern devices with a Secure Enclave (Apple T2 Security Chip, Apple silicon), your data is always encrypted, but is decrypted automatically by a hardware key if your device doesn't detect it's been tampered with. Enabling [FileVault](../encryption.md#filevault) additionally requires your password to decrypt your data, greatly improving security, especially when powered off or before the first login after powering on.
On older Intel-based Mac computers, FileVault is the only form of disk encryption available by default, and should always be enabled.
@@ -234,7 +234,7 @@ We recommend against installing third-party antivirus software as they typically
##### Cópias de segurança
-macOS comes with automatic backup software called [Time Machine](https://support.apple.com/HT201250), so you can create encrypted backups to an external or network drive in the event of corrupted/deleted files.
+macOS comes with automatic backup software called [Time Machine](https://support.apple.com/HT201250), so you can create encrypted backups to an external drive or a network drive in the event of corrupted/deleted files.
### Hardware Security
diff --git a/i18n/pt/tools.md b/i18n/pt/tools.md
index e23c0b45..74b8d33e 100644
--- a/i18n/pt/tools.md
+++ b/i18n/pt/tools.md
@@ -398,14 +398,16 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
### Software de encriptação
- { .twemoji loading=lazy } [Cryptomator](encryption.md#cryptomator-cloud)
@@ -418,7 +420,7 @@ For encrypting your operating system drive, we typically recommend using whichev
[Saiba mais :material-arrow-right-drop-circle:](encryption.md)
-#### Clientes OpenPGP
+#### OpenPGP Clients
@@ -605,7 +607,7 @@ For encrypting your operating system drive, we typically recommend using whichev
[Saiba mais :material-arrow-right-drop-circle:](android/distributions.md)
-#### Aplicações Android
+#### Android Apps
diff --git a/i18n/ru/encryption.md b/i18n/ru/encryption.md
index 8df10ee8..03f9e983 100644
--- a/i18n/ru/encryption.md
+++ b/i18n/ru/encryption.md
@@ -10,7 +10,7 @@ cover: encryption.webp
## Мультиплатформенные приложения
-Перечисленные здесь программы являются многоплатформенными и отлично подходят для создания зашифрованных резервных копий ваших данных.
+The options listed here are available on multiple platforms and great for creating encrypted backups of your data.
### Cryptomator (Облако)
@@ -115,21 +115,21 @@ VeraCrypt - это форк, прекратившего свое существ
Аудит Truecrypt проводился [несколько раз](https://en.wikipedia.org/wiki/TrueCrypt#Security_audits). Veracrypt [проходил](https://en.wikipedia.org/wiki/VeraCrypt#VeraCrypt_audit) аудит уже отдельно.
-## Шифрование всего диска
+## Operating System Encryption
Protects against the following threat(s):
- [:material-target-account: Целевые атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
-For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
+Built-in OS encryption solutions generally leverage hardware security features such as a [secure cryptoprocessor](basics/hardware.md#tpmsecure-cryptoprocessor). Therefore, we recommend using the built-in encryption solutions for your operating system. For cross-platform encryption, we still recommend [cross-platform tools](#multi-platform) for additional flexibility and to avoid vendor lock-in.
### BitLocker
-{ align=right }
+{ align=right }
-**BitLocker** - решение для полного шифрования диска в Microsoft Windows. The main reason we recommend it for encrypting your boot drive is because of its [use of TPM](https://learn.microsoft.com/windows/security/information-protection/tpm/how-windows-uses-the-tpm). ElcomSoft, a forensics company, has written about this feature in [Understanding BitLocker TPM Protection](https://blog.elcomsoft.com/2021/01/understanding-BitLocker-tpm-protection).
+**BitLocker** is the full volume encryption solution bundled with Microsoft Windows that uses the Trusted Platform Module ([TPM](https://learn.microsoft.com/windows/security/information-protection/tpm/how-windows-uses-the-tpm)) for hardware-based security.
[:octicons-info-16:](https://learn.microsoft.com/windows/security/information-protection/BitLocker/BitLocker-overview){ .card-link title="Documentation" }
@@ -137,7 +137,7 @@ For encrypting the drive your operating system boots from, we generally recommen
-BitLocker is [only supported](https://support.microsoft.com/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on Pro, Enterprise and Education editions of Windows. Эту функцию можно включить и в Home версии при соответствии условиям.
+BitLocker is [officially supported](https://support.microsoft.com/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on the Pro, Enterprise, and Education editions of Windows. It can be enabled on Home editions provided that they meet the following prerequisites.
Enabling BitLocker on Windows Home
@@ -187,7 +187,7 @@ To enable BitLocker on "Home" editions of Windows, you must have partitions form
{ align=right }
-**FileVault** - это решение для шифрования томов "на лету", встроенное в macOS. FileVault рекомендуется, поскольку он [использует](https://support.apple.com/guide/security/volume-encryption-with-filevault-sec4c6dc1b6e/web) аппаратные возможности безопасности, представленные в SoC процессорах Apple или чипе безопасности T2.
+**FileVault** - это решение для шифрования томов "на лету", встроенное в macOS. FileVault takes advantage of the [hardware security capabilities](os/macos-overview.md#hardware-security) present on an Apple silicon SoC or T2 Security Chip.
[:octicons-info-16:](https://support.apple.com/guide/mac-help/encrypt-mac-data-with-filevault-mh11785/mac){ .card-link title="Documentation" }
@@ -195,7 +195,7 @@ To enable BitLocker on "Home" editions of Windows, you must have partitions form
-Мы рекомендуем хранить локальный ключ восстановления в надежном месте, а не использовать для восстановления учетную запись iCloud.
+We advise against using your iCloud account for recovery; instead, you should securely store a local recovery key on a separate storage device.
### Linux Unified Key Setup (LUKS)
@@ -377,7 +377,7 @@ We suggest [Canary Mail](email-clients.md#canary-mail-ios) for using PGP with em
{ align=right }
-**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail-macos) and macOS.
+**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail-macos) and other email clients on macOS.
We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com/kb/how-to/first-steps-where-do-i-start-where-do-i-begin-setup-gpgtools-create-a-new-key-your-first-encrypted-email) and [Knowledge Base](https://gpgtools.tenderapp.com/kb) for support.
@@ -395,15 +395,15 @@ We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com
-Currently, GPG Suite does [not yet](https://gpgtools.com/sonoma) have a stable release for macOS Sonoma.
+Currently, GPG Suite does [not yet](https://gpgtools.com/sequoia) have a stable release for macOS Sonoma and later.
### OpenKeychain
-{ align=right }
+{ align=right }
-**OpenKeychain** - это Android-реализация GnuPG. It's commonly required by mail clients such as [Thunderbird](email-clients.md#thunderbird) and [FairEmail](email-clients.md#fairemail-android) and other Android apps to provide encryption support. Cure53 completed a [security audit](https://openkeychain.org/openkeychain-3-6) of OpenKeychain 3.6 in October 2015. Технические подробности об аудите и решениях OpenKeychain можно найти на сайте [здесь](https://github.com/open-keychain/open-keychain/wiki/cure53-Security-Audit-2015).
+**OpenKeychain** is an implementation of GnuPG for Android. It's commonly required by mail clients such as [Thunderbird](email-clients.md#thunderbird), [FairEmail](email-clients.md#fairemail-android), and other Android apps to provide encryption support.
[:octicons-home-16: Homepage](https://openkeychain.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://openkeychain.org/help/privacy-policy){ .card-link title="Privacy Policy" }
@@ -419,6 +419,8 @@ Currently, GPG Suite does [not yet](https://gpgtools.com/sonoma) have a stable r
+Cure53 completed a [security audit](https://openkeychain.org/openkeychain-3-6) of OpenKeychain 3.6 in October 2015. The published audit and OpenKeychain's solutions to the issues raised in the audit can be found [here](https://github.com/open-keychain/open-keychain/wiki/cure53-Security-Audit-2015).
+
## Критерии
**Обрати внимание, что у нас нет связей ни с одним проектом, который мы рекомендуем.** В дополнение к [нашим стандартным критериям](about/criteria.md) мы разработали четкий набор требований, позволяющий давать объективные рекомендации. Перед тем, как вы решите выбрать какой-либо проект, мы рекомендуем вам ознакомиться со списком критериев и провести собственное исследование, чтобы убедиться в правильности своего выбора.
diff --git a/i18n/ru/os/macos-overview.md b/i18n/ru/os/macos-overview.md
index ddb22a72..f8a8dcdf 100644
--- a/i18n/ru/os/macos-overview.md
+++ b/i18n/ru/os/macos-overview.md
@@ -122,7 +122,7 @@ Decide whether you want personalized ads based on your usage.
##### FileVault
-On modern devices with a Secure Enclave (Apple T2 Security Chip, Apple silicon), your data is always encrypted, but is decrypted automatically by a hardware key if your device doesn't detect it's been tampered with. Enabling FileVault additionally requires your password to decrypt your data, greatly improving security, especially when powered off or before the first login after powering on.
+On modern devices with a Secure Enclave (Apple T2 Security Chip, Apple silicon), your data is always encrypted, but is decrypted automatically by a hardware key if your device doesn't detect it's been tampered with. Enabling [FileVault](../encryption.md#filevault) additionally requires your password to decrypt your data, greatly improving security, especially when powered off or before the first login after powering on.
On older Intel-based Mac computers, FileVault is the only form of disk encryption available by default, and should always be enabled.
@@ -234,7 +234,7 @@ We recommend against installing third-party antivirus software as they typically
##### Резервное копирование
-macOS comes with automatic backup software called [Time Machine](https://support.apple.com/HT201250), so you can create encrypted backups to an external or network drive in the event of corrupted/deleted files.
+macOS comes with automatic backup software called [Time Machine](https://support.apple.com/HT201250), so you can create encrypted backups to an external drive or a network drive in the event of corrupted/deleted files.
### Hardware Security
diff --git a/i18n/ru/tools.md b/i18n/ru/tools.md
index 668c6bd0..b2a245f1 100644
--- a/i18n/ru/tools.md
+++ b/i18n/ru/tools.md
@@ -398,14 +398,16 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
### Инструменты для шифрования
-Operating System Disk Encryption
+Operating System Encryption
-For encrypting your operating system drive, we typically recommend using whichever encryption tool your operating system provides, whether that is **BitLocker** on Windows, **FileVault** on macOS, or **LUKS** on Linux. Эти инструменты доступны "из коробки" и обычно используют аппаратные элементы шифрования, такие как TPM, чего не делают другие программы для шифрования диска, такие как VeraCrypt. Однако VeraCrypt по-прежнему подходит для дисков, не относящихся к операционной системе (внешние диски), и к таким дискам, доступ к которым может осуществляться из нескольких операционных систем.
+For encrypting your OS drive, we typically recommend using the encryption tool your operating system provides, whether that is **BitLocker** on Windows, **FileVault** on macOS, or **LUKS** on Linux. These tools are included with the operating system and take advantage of hardware encryption elements such as a [secure cryptoprocessor](basics/hardware.md/#tpmsecure-cryptoprocessor).
-[Узнать больше :material-arrow-right-drop-circle:](encryption.md#os-full-disk-encryption)
+[Узнать больше :material-arrow-right-drop-circle:](encryption.md#operating-system-encryption)
+#### Cross-platform Tools
+
- { .twemoji loading=lazy } [Cryptomator](encryption.md#cryptomator-cloud)
@@ -418,7 +420,7 @@ For encrypting your operating system drive, we typically recommend using whichev
[Узнать больше :material-arrow-right-drop-circle:](encryption.md)
-#### Клиенты OpenPGP
+#### OpenPGP Clients
@@ -605,7 +607,7 @@ For encrypting your operating system drive, we typically recommend using whichev
[Узнать больше :material-arrow-right-drop-circle:](android/distributions.md)
-#### Приложения для Android
+#### Android Apps
diff --git a/i18n/sv/encryption.md b/i18n/sv/encryption.md
index bd48e8a9..b1236494 100644
--- a/i18n/sv/encryption.md
+++ b/i18n/sv/encryption.md
@@ -10,7 +10,7 @@ cover: encryption.webp
## Multiplattform
-De alternativ som anges här är flera plattformar och bra för att skapa krypterade säkerhetskopior av dina data.
+The options listed here are available on multiple platforms and great for creating encrypted backups of your data.
### Cryptomator (moln)
@@ -115,21 +115,21 @@ När du krypterar med VeraCrypt kan du välja mellan olika hashfunktioner [](htt
Truecrypt har granskats [ett antal gånger](https://en.wikipedia.org/wiki/TrueCrypt#Security_audits), och VeraCrypt har också granskats [separat](https://en.wikipedia.org/wiki/VeraCrypt#VeraCrypt_audit).
-## Fullständig diskkryptering
+## Operating System Encryption
Protects against the following threat(s):
- [:material-target-account: Riktade attacker](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
-For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
+Built-in OS encryption solutions generally leverage hardware security features such as a [secure cryptoprocessor](basics/hardware.md#tpmsecure-cryptoprocessor). Therefore, we recommend using the built-in encryption solutions for your operating system. For cross-platform encryption, we still recommend [cross-platform tools](#multi-platform) for additional flexibility and to avoid vendor lock-in.
### BitLocker
-{ align=right }
+{ align=right }
-**BitLocker** är den lösning för fullständig volymkryptering som ingår i Microsoft Windows. The main reason we recommend it for encrypting your boot drive is because of its [use of TPM](https://learn.microsoft.com/windows/security/information-protection/tpm/how-windows-uses-the-tpm). ElcomSoft, a forensics company, has written about this feature in [Understanding BitLocker TPM Protection](https://blog.elcomsoft.com/2021/01/understanding-BitLocker-tpm-protection).
+**BitLocker** is the full volume encryption solution bundled with Microsoft Windows that uses the Trusted Platform Module ([TPM](https://learn.microsoft.com/windows/security/information-protection/tpm/how-windows-uses-the-tpm)) for hardware-based security.
[:octicons-info-16:](https://learn.microsoft.com/windows/security/information-protection/BitLocker/BitLocker-overview){ .card-link title="Documentation" }
@@ -137,7 +137,7 @@ For encrypting the drive your operating system boots from, we generally recommen
-BitLocker is [only supported](https://support.microsoft.com/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on Pro, Enterprise and Education editions of Windows. Den kan aktiveras i Home-utgåvorna om de uppfyller förutsättningarna.
+BitLocker is [officially supported](https://support.microsoft.com/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on the Pro, Enterprise, and Education editions of Windows. It can be enabled on Home editions provided that they meet the following prerequisites.
Enabling BitLocker on Windows Home
@@ -187,7 +187,7 @@ Säkerhetskopiera `BitLocker-Recovery-Key.txt` på skrivbordet till en separat l
{ align=right }
-**FileVault** är en lösning för volymkryptering i farten som är inbyggd i macOS. FileVault rekommenderas eftersom det finns [leverages](https://support.apple.com/guide/security/volume-encryption-with-filevault-sec4c6dc1b6e/web) maskinvarusäkerhetsfunktioner på ett Apple Silicon SoC- eller T2-säkerhetschip.
+**FileVault** är en lösning för volymkryptering i farten som är inbyggd i macOS. FileVault takes advantage of the [hardware security capabilities](os/macos-overview.md#hardware-security) present on an Apple silicon SoC or T2 Security Chip.
[:octicons-info-16:](https://support.apple.com/guide/mac-help/encrypt-mac-data-with-filevault-mh11785/mac){ .card-link title="Documentation" }
@@ -195,7 +195,7 @@ Säkerhetskopiera `BitLocker-Recovery-Key.txt` på skrivbordet till en separat l
-Vi rekommenderar att du lagrar en lokal återställningsnyckel på en säker plats i stället för att använda ditt iCloud-konto för återställning.
+We advise against using your iCloud account for recovery; instead, you should securely store a local recovery key on a separate storage device.
### Linux Unified Key Setup
@@ -377,7 +377,7 @@ We suggest [Canary Mail](email-clients.md#canary-mail-ios) for using PGP with em
{ align=right }
-**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail-macos) and macOS.
+**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail-macos) and other email clients on macOS.
We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com/kb/how-to/first-steps-where-do-i-start-where-do-i-begin-setup-gpgtools-create-a-new-key-your-first-encrypted-email) and [Knowledge Base](https://gpgtools.tenderapp.com/kb) for support.
@@ -395,15 +395,15 @@ We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com
-Currently, GPG Suite does [not yet](https://gpgtools.com/sonoma) have a stable release for macOS Sonoma.
+Currently, GPG Suite does [not yet](https://gpgtools.com/sequoia) have a stable release for macOS Sonoma and later.
### OpenKeychain
-{ align=right }
+{ align=right }
-**OpenKeychain** är en Android-implementering av GnuPG. It's commonly required by mail clients such as [Thunderbird](email-clients.md#thunderbird) and [FairEmail](email-clients.md#fairemail-android) and other Android apps to provide encryption support. Cure53 completed a [security audit](https://openkeychain.org/openkeychain-3-6) of OpenKeychain 3.6 in October 2015. Tekniska detaljer om granskningen och OpenKeychains lösningar finns på [here](https://github.com/open-keychain/open-keychain/wiki/cure53-Security-Audit-2015).
+**OpenKeychain** is an implementation of GnuPG for Android. It's commonly required by mail clients such as [Thunderbird](email-clients.md#thunderbird), [FairEmail](email-clients.md#fairemail-android), and other Android apps to provide encryption support.
[:octicons-home-16: Homepage](https://openkeychain.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://openkeychain.org/help/privacy-policy){ .card-link title="Privacy Policy" }
@@ -419,6 +419,8 @@ Currently, GPG Suite does [not yet](https://gpgtools.com/sonoma) have a stable r
+Cure53 completed a [security audit](https://openkeychain.org/openkeychain-3-6) of OpenKeychain 3.6 in October 2015. The published audit and OpenKeychain's solutions to the issues raised in the audit can be found [here](https://github.com/open-keychain/open-keychain/wiki/cure53-Security-Audit-2015).
+
## Kriterier
**Observera att vi inte är knutna till något av de projekt som vi rekommenderar.** Förutom [våra standardkriterier](about/criteria.md)har vi utvecklat en tydlig uppsättning krav som gör det möjligt för oss att ge objektiva rekommendationer. Vi föreslår att du bekantar dig med den här listan innan du väljer att använda ett projekt, och att du gör din egen forskning för att se till att det är rätt val för dig.
diff --git a/i18n/sv/os/macos-overview.md b/i18n/sv/os/macos-overview.md
index 6c147ae2..31315479 100644
--- a/i18n/sv/os/macos-overview.md
+++ b/i18n/sv/os/macos-overview.md
@@ -122,7 +122,7 @@ Decide whether you want personalized ads based on your usage.
##### FileVault
-On modern devices with a Secure Enclave (Apple T2 Security Chip, Apple silicon), your data is always encrypted, but is decrypted automatically by a hardware key if your device doesn't detect it's been tampered with. Enabling FileVault additionally requires your password to decrypt your data, greatly improving security, especially when powered off or before the first login after powering on.
+On modern devices with a Secure Enclave (Apple T2 Security Chip, Apple silicon), your data is always encrypted, but is decrypted automatically by a hardware key if your device doesn't detect it's been tampered with. Enabling [FileVault](../encryption.md#filevault) additionally requires your password to decrypt your data, greatly improving security, especially when powered off or before the first login after powering on.
On older Intel-based Mac computers, FileVault is the only form of disk encryption available by default, and should always be enabled.
@@ -234,7 +234,7 @@ We recommend against installing third-party antivirus software as they typically
##### Säkerhetskopior
-macOS comes with automatic backup software called [Time Machine](https://support.apple.com/HT201250), so you can create encrypted backups to an external or network drive in the event of corrupted/deleted files.
+macOS comes with automatic backup software called [Time Machine](https://support.apple.com/HT201250), so you can create encrypted backups to an external drive or a network drive in the event of corrupted/deleted files.
### Hardware Security
diff --git a/i18n/sv/tools.md b/i18n/sv/tools.md
index 359f8c52..eb68b460 100644
--- a/i18n/sv/tools.md
+++ b/i18n/sv/tools.md
@@ -398,14 +398,16 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
### Programvara för kryptering
-Operating System Disk Encryption
+Operating System Encryption
-For encrypting your operating system drive, we typically recommend using whichever encryption tool your operating system provides, whether that is **BitLocker** on Windows, **FileVault** on macOS, or **LUKS** on Linux. Dessa verktyg ingår i operativsystemet och använder vanligtvis hårdvarukrypteringselement, t. ex. en TPM, som andra krypteringsprogram för hela hårddiskar, t. ex. VeraCrypt, inte gör. VeraCrypt lämpar sig fortfarande för diskar som inte är i driftssystemet, t. ex. externa enheter, särskilt enheter som kan nås från flera olika operativsystem.
+For encrypting your OS drive, we typically recommend using the encryption tool your operating system provides, whether that is **BitLocker** on Windows, **FileVault** on macOS, or **LUKS** on Linux. These tools are included with the operating system and take advantage of hardware encryption elements such as a [secure cryptoprocessor](basics/hardware.md/#tpmsecure-cryptoprocessor).
-[Läs mer :material-arrow-right-drop-circle:](encryption.md#os-full-disk-encryption)
+[Läs mer :material-arrow-right-drop-circle:](encryption.md#operating-system-encryption)
+#### Cross-platform Tools
+
- { .twemoji loading=lazy } [Cryptomator](encryption.md#cryptomator-cloud)
@@ -418,7 +420,7 @@ For encrypting your operating system drive, we typically recommend using whichev
[Läs mer :material-arrow-right-drop-circle:](encryption.md)
-#### OpenPGP-klienter
+#### OpenPGP Clients
@@ -605,7 +607,7 @@ For encrypting your operating system drive, we typically recommend using whichev
[Läs mer :material-arrow-right-drop-circle:](android/distributions.md)
-#### Android-app
+#### Android Apps
diff --git a/i18n/tr/encryption.md b/i18n/tr/encryption.md
index 3de78325..b75e2598 100644
--- a/i18n/tr/encryption.md
+++ b/i18n/tr/encryption.md
@@ -10,7 +10,7 @@ cover: encryption.webp
## Multi-platform
-The options listed here are multi-platform and great for creating encrypted backups of your data.
+The options listed here are available on multiple platforms and great for creating encrypted backups of your data.
### Cryptomator (Cloud)
@@ -115,13 +115,13 @@ When encrypting with VeraCrypt, you have the option to select from different [ha
Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/TrueCrypt#Security_audits), and VeraCrypt has also been [audited separately](https://en.wikipedia.org/wiki/VeraCrypt#VeraCrypt_audit).
-## OS Full Disk Encryption
+## Operating System Encryption
Protects against the following threat(s):
- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
-For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
+Built-in OS encryption solutions generally leverage hardware security features such as a [secure cryptoprocessor](basics/hardware.md#tpmsecure-cryptoprocessor). Therefore, we recommend using the built-in encryption solutions for your operating system. For cross-platform encryption, we still recommend [cross-platform tools](#multi-platform) for additional flexibility and to avoid vendor lock-in.
### BitLocker
@@ -129,7 +129,7 @@ For encrypting the drive your operating system boots from, we generally recommen
{ align=right }
-**BitLocker** is the full volume encryption solution bundled with Microsoft Windows. The main reason we recommend it for encrypting your boot drive is because of its [use of TPM](https://learn.microsoft.com/windows/security/information-protection/tpm/how-windows-uses-the-tpm). ElcomSoft, a forensics company, has written about this feature in [Understanding BitLocker TPM Protection](https://blog.elcomsoft.com/2021/01/understanding-BitLocker-tpm-protection).
+**BitLocker** is the full volume encryption solution bundled with Microsoft Windows that uses the Trusted Platform Module ([TPM](https://learn.microsoft.com/windows/security/information-protection/tpm/how-windows-uses-the-tpm)) for hardware-based security.
[:octicons-info-16:](https://learn.microsoft.com/windows/security/information-protection/BitLocker/BitLocker-overview){ .card-link title="Documentation" }
@@ -137,7 +137,7 @@ For encrypting the drive your operating system boots from, we generally recommen
-BitLocker is [only supported](https://support.microsoft.com/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on Pro, Enterprise and Education editions of Windows. It can be enabled on Home editions provided that they meet the prerequisites.
+BitLocker is [officially supported](https://support.microsoft.com/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on the Pro, Enterprise, and Education editions of Windows. It can be enabled on Home editions provided that they meet the following prerequisites.
Enabling BitLocker on Windows Home
@@ -187,7 +187,7 @@ Backup `BitLocker-Recovery-Key.txt` on your Desktop to a separate storage device
{ align=right }
-**FileVault** is the on-the-fly volume encryption solution built into macOS. FileVault is recommended because it [leverages](https://support.apple.com/guide/security/volume-encryption-with-filevault-sec4c6dc1b6e/web) hardware security capabilities present on an Apple silicon SoC or T2 Security Chip.
+**FileVault** is the on-the-fly volume encryption solution built into macOS. FileVault takes advantage of the [hardware security capabilities](os/macos-overview.md#hardware-security) present on an Apple silicon SoC or T2 Security Chip.
[:octicons-info-16:](https://support.apple.com/guide/mac-help/encrypt-mac-data-with-filevault-mh11785/mac){ .card-link title="Documentation" }
@@ -195,7 +195,7 @@ Backup `BitLocker-Recovery-Key.txt` on your Desktop to a separate storage device
-We recommend storing a local recovery key in a secure place as opposed to using your iCloud account for recovery.
+We advise against using your iCloud account for recovery; instead, you should securely store a local recovery key on a separate storage device.
### Linux Unified Key Setup
@@ -377,7 +377,7 @@ We suggest [Canary Mail](email-clients.md#canary-mail-ios) for using PGP with em
{ align=right }
-**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail-macos) and macOS.
+**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail-macos) and other email clients on macOS.
We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com/kb/how-to/first-steps-where-do-i-start-where-do-i-begin-setup-gpgtools-create-a-new-key-your-first-encrypted-email) and [Knowledge Base](https://gpgtools.tenderapp.com/kb) for support.
@@ -395,7 +395,7 @@ We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com
-Currently, GPG Suite does [not yet](https://gpgtools.com/sonoma) have a stable release for macOS Sonoma.
+Currently, GPG Suite does [not yet](https://gpgtools.com/sequoia) have a stable release for macOS Sonoma and later.
### OpenKeychain
@@ -403,7 +403,7 @@ Currently, GPG Suite does [not yet](https://gpgtools.com/sonoma) have a stable r
{ align=right }
-**OpenKeychain** is an Android implementation of GnuPG. It's commonly required by mail clients such as [Thunderbird](email-clients.md#thunderbird) and [FairEmail](email-clients.md#fairemail-android) and other Android apps to provide encryption support. Cure53 completed a [security audit](https://openkeychain.org/openkeychain-3-6) of OpenKeychain 3.6 in October 2015. Technical details about the audit and OpenKeychain's solutions can be found [here](https://github.com/open-keychain/open-keychain/wiki/cure53-Security-Audit-2015).
+**OpenKeychain** is an implementation of GnuPG for Android. It's commonly required by mail clients such as [Thunderbird](email-clients.md#thunderbird), [FairEmail](email-clients.md#fairemail-android), and other Android apps to provide encryption support.
[:octicons-home-16: Homepage](https://openkeychain.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://openkeychain.org/help/privacy-policy){ .card-link title="Privacy Policy" }
@@ -419,6 +419,8 @@ Currently, GPG Suite does [not yet](https://gpgtools.com/sonoma) have a stable r
+Cure53 completed a [security audit](https://openkeychain.org/openkeychain-3-6) of OpenKeychain 3.6 in October 2015. The published audit and OpenKeychain's solutions to the issues raised in the audit can be found [here](https://github.com/open-keychain/open-keychain/wiki/cure53-Security-Audit-2015).
+
## Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/tr/os/macos-overview.md b/i18n/tr/os/macos-overview.md
index f379c1ac..5838699e 100644
--- a/i18n/tr/os/macos-overview.md
+++ b/i18n/tr/os/macos-overview.md
@@ -122,7 +122,7 @@ Decide whether you want personalized ads based on your usage.
##### FileVault
-On modern devices with a Secure Enclave (Apple T2 Security Chip, Apple silicon), your data is always encrypted, but is decrypted automatically by a hardware key if your device doesn't detect it's been tampered with. Enabling FileVault additionally requires your password to decrypt your data, greatly improving security, especially when powered off or before the first login after powering on.
+On modern devices with a Secure Enclave (Apple T2 Security Chip, Apple silicon), your data is always encrypted, but is decrypted automatically by a hardware key if your device doesn't detect it's been tampered with. Enabling [FileVault](../encryption.md#filevault) additionally requires your password to decrypt your data, greatly improving security, especially when powered off or before the first login after powering on.
On older Intel-based Mac computers, FileVault is the only form of disk encryption available by default, and should always be enabled.
@@ -234,7 +234,7 @@ We recommend against installing third-party antivirus software as they typically
##### Backups
-macOS comes with automatic backup software called [Time Machine](https://support.apple.com/HT201250), so you can create encrypted backups to an external or network drive in the event of corrupted/deleted files.
+macOS comes with automatic backup software called [Time Machine](https://support.apple.com/HT201250), so you can create encrypted backups to an external drive or a network drive in the event of corrupted/deleted files.
### Hardware Security
diff --git a/i18n/tr/tools.md b/i18n/tr/tools.md
index 2cd074ee..06eb850c 100644
--- a/i18n/tr/tools.md
+++ b/i18n/tr/tools.md
@@ -398,14 +398,16 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
### Encryption Software
-Operating System Disk Encryption
+Operating System Encryption
-For encrypting your operating system drive, we typically recommend using whichever encryption tool your operating system provides, whether that is **BitLocker** on Windows, **FileVault** on macOS, or **LUKS** on Linux. These tools are included with the operating system and typically use hardware encryption elements such as a TPM that other full-disk encryption software like VeraCrypt do not. VeraCrypt is still suitable for non-operating system disks such as external drives, especially drives that may be accessed from multiple operating systems.
+For encrypting your OS drive, we typically recommend using the encryption tool your operating system provides, whether that is **BitLocker** on Windows, **FileVault** on macOS, or **LUKS** on Linux. These tools are included with the operating system and take advantage of hardware encryption elements such as a [secure cryptoprocessor](basics/hardware.md/#tpmsecure-cryptoprocessor).
-[Learn more :material-arrow-right-drop-circle:](encryption.md#os-full-disk-encryption)
+[Learn more :material-arrow-right-drop-circle:](encryption.md#operating-system-encryption)
+#### Cross-platform Tools
+
- { .twemoji loading=lazy } [Cryptomator](encryption.md#cryptomator-cloud)
diff --git a/i18n/uk/encryption.md b/i18n/uk/encryption.md
index 6af6cdc3..26ad1de6 100644
--- a/i18n/uk/encryption.md
+++ b/i18n/uk/encryption.md
@@ -10,7 +10,7 @@ cover: encryption.webp
## Multi-platform
-The options listed here are multi-platform and great for creating encrypted backups of your data.
+The options listed here are available on multiple platforms and great for creating encrypted backups of your data.
### Cryptomator (Cloud)
@@ -115,13 +115,13 @@ When encrypting with VeraCrypt, you have the option to select from different [ha
Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/TrueCrypt#Security_audits), and VeraCrypt has also been [audited separately](https://en.wikipedia.org/wiki/VeraCrypt#VeraCrypt_audit).
-## OS Full Disk Encryption
+## Operating System Encryption
Protects against the following threat(s):
- [:material-target-account: Цілеспрямовані атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
-For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
+Built-in OS encryption solutions generally leverage hardware security features such as a [secure cryptoprocessor](basics/hardware.md#tpmsecure-cryptoprocessor). Therefore, we recommend using the built-in encryption solutions for your operating system. For cross-platform encryption, we still recommend [cross-platform tools](#multi-platform) for additional flexibility and to avoid vendor lock-in.
### BitLocker
@@ -129,7 +129,7 @@ For encrypting the drive your operating system boots from, we generally recommen
{ align=right }
-**BitLocker** is the full volume encryption solution bundled with Microsoft Windows. The main reason we recommend it for encrypting your boot drive is because of its [use of TPM](https://learn.microsoft.com/windows/security/information-protection/tpm/how-windows-uses-the-tpm). ElcomSoft, a forensics company, has written about this feature in [Understanding BitLocker TPM Protection](https://blog.elcomsoft.com/2021/01/understanding-BitLocker-tpm-protection).
+**BitLocker** is the full volume encryption solution bundled with Microsoft Windows that uses the Trusted Platform Module ([TPM](https://learn.microsoft.com/windows/security/information-protection/tpm/how-windows-uses-the-tpm)) for hardware-based security.
[:octicons-info-16:](https://learn.microsoft.com/windows/security/information-protection/BitLocker/BitLocker-overview){ .card-link title="Documentation" }
@@ -137,7 +137,7 @@ For encrypting the drive your operating system boots from, we generally recommen
-BitLocker is [only supported](https://support.microsoft.com/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on Pro, Enterprise and Education editions of Windows. It can be enabled on Home editions provided that they meet the prerequisites.
+BitLocker is [officially supported](https://support.microsoft.com/windows/turn-on-device-encryption-0c453637-bc88-5f74-5105-741561aae838) on the Pro, Enterprise, and Education editions of Windows. It can be enabled on Home editions provided that they meet the following prerequisites.
Enabling BitLocker on Windows Home
@@ -187,7 +187,7 @@ Backup `BitLocker-Recovery-Key.txt` on your Desktop to a separate storage device
{ align=right }
-**FileVault** is the on-the-fly volume encryption solution built into macOS. FileVault is recommended because it [leverages](https://support.apple.com/guide/security/volume-encryption-with-filevault-sec4c6dc1b6e/web) hardware security capabilities present on an Apple silicon SoC or T2 Security Chip.
+**FileVault** is the on-the-fly volume encryption solution built into macOS. FileVault takes advantage of the [hardware security capabilities](os/macos-overview.md#hardware-security) present on an Apple silicon SoC or T2 Security Chip.
[:octicons-info-16:](https://support.apple.com/guide/mac-help/encrypt-mac-data-with-filevault-mh11785/mac){ .card-link title="Documentation" }
@@ -195,7 +195,7 @@ Backup `BitLocker-Recovery-Key.txt` on your Desktop to a separate storage device
-We recommend storing a local recovery key in a secure place as opposed to using your iCloud account for recovery.
+We advise against using your iCloud account for recovery; instead, you should securely store a local recovery key on a separate storage device.
### Linux Unified Key Setup
@@ -377,7 +377,7 @@ We suggest [Canary Mail](email-clients.md#canary-mail-ios) for using PGP with em
{ align=right }
-**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail-macos) and macOS.
+**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail-macos) and other email clients on macOS.
We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com/kb/how-to/first-steps-where-do-i-start-where-do-i-begin-setup-gpgtools-create-a-new-key-your-first-encrypted-email) and [Knowledge Base](https://gpgtools.tenderapp.com/kb) for support.
@@ -395,7 +395,7 @@ We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com