diff --git a/i18n/cs/about/donation-acceptance-policy.md b/i18n/cs/about/donation-acceptance-policy.md index c3ec73d3..0e2410ed 100644 --- a/i18n/cs/about/donation-acceptance-policy.md +++ b/i18n/cs/about/donation-acceptance-policy.md @@ -11,26 +11,26 @@ Privacy Guides aspires to obtain funding from a wide variety of sources to reduc In the course of our regular fundraising activities... -- Donations and other forms of support will generally be accepted from individuals, corporations, foundations, or other entities, without limitations. - - This includes cash, cash equivalents (checks, money orders, credit/debit card payments), and cryptocurrency. -- Gifts of Real Property, Personal Property, or Securities may only be accepted upon approval of the MAGIC Grants board of directors. + - Donations and other forms of support will generally be accepted from individuals, corporations, foundations, or other entities, without limitations. + - This includes cash, cash equivalents (checks, money orders, credit/debit card payments), and cryptocurrency. + - Gifts of Real Property, Personal Property, or Securities may only be accepted upon approval of the MAGIC Grants board of directors. Privacy Guides will only accept such gifts that are legal and consistent with our policies. Gifts must not interfere with Privacy Guides' mission, purpose, and procedures. ## Things we do **not** do -- Accept sponsorships. -- Offer to recommend a product or service in exchange for a donation or other incentive. -- Threaten to remove a recommendation for a product or service unless we receive a donation or other incentive. -- Offer to expedite a review of a product or service in exchange for a donation or other incentive. -- Write sponsored content or feature sponsored components in our content. + - Accept sponsorships. + - Offer to recommend a product or service in exchange for a donation or other incentive. + - Threaten to remove a recommendation for a product or service unless we receive a donation or other incentive. + - Offer to expedite a review of a product or service in exchange for a donation or other incentive. + - Write sponsored content or feature sponsored components in our content. ## Things we **may** do -- Accept donations from privacy-related companies and non-profits. -- Apply for grant programs. -- Accept free versions of software or hardware to test and review, while being mindful of possible differences in versions that could differ from a regular customer experience. ([More details](executive-policy.md#ep1-freely-provided-product-samples)) -- Accept discounted versions of software or hardware that assist our operations (for example, discounted software costs made available to non-profits). + - Accept donations from privacy-related companies and non-profits. + - Apply for grant programs. + - Accept free versions of software or hardware to test and review, while being mindful of possible differences in versions that could differ from a regular customer experience. ([More details](executive-policy.md#ep1-freely-provided-product-samples)) + - Accept discounted versions of software or hardware that assist our operations (for example, discounted software costs made available to non-profits). ## Restrictions on gifts @@ -40,10 +40,10 @@ We also accept and appreciate gifts for specified programs or purposes, provided Examples of gifts which are too restrictive include: -- Those which fund the research and review of a specific product category or specific product. -- Those which violate our existing policies. -- Those which are too difficult for us to administer. -- Those that are for purposes outside our general mission. + - Those which fund the research and review of a specific product category or specific product. + - Those which violate our existing policies. + - Those which are too difficult for us to administer. + - Those that are for purposes outside our general mission. An example of an acceptable restriction could be a gift towards funding our [video](https://www.privacyguides.org/videos) production, or hosting our website and forum. diff --git a/i18n/cs/ai-chat.md b/i18n/cs/ai-chat.md index 618d5bb3..ac553e4b 100644 --- a/i18n/cs/ai-chat.md +++ b/i18n/cs/ai-chat.md @@ -8,9 +8,9 @@ cover: ai-chatbots.webp Protects against the following threat(s): -- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal } -- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown } -- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } + - [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal } + - [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown } + - [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } The use of **AI chat**, also known as Large Language Models (LLMs), has become increasingly common since the release of ChatGPT in 2022. LLMs can help us write better, understand unfamiliar subjects, or answer a wide range of questions. They work by statistically predicting the next word in their responses based on a vast amount of data scraped from the web. @@ -75,9 +75,9 @@ In addition to supporting a large range of text models, Kobold.cpp also supports
Downloads -- [:fontawesome-brands-windows: Windows](https://github.com/LostRuins/koboldcpp/releases) -- [:simple-apple: macOS](https://github.com/LostRuins/koboldcpp/releases) -- [:simple-linux: Linux](https://github.com/LostRuins/koboldcpp/releases) + - [:fontawesome-brands-windows: Windows](https://github.com/LostRuins/koboldcpp/releases) + - [:simple-apple: macOS](https://github.com/LostRuins/koboldcpp/releases) + - [:simple-linux: Linux](https://github.com/LostRuins/koboldcpp/releases)
@@ -110,9 +110,9 @@ In addition to supporting a wide range of text models, Ollama also supports [LLa
Downloads -- [:fontawesome-brands-windows: Windows](https://ollama.com/download/windows) -- [:simple-apple: macOS](https://ollama.com/download/mac) -- [:simple-linux: Linux](https://ollama.com/download/linux) + - [:fontawesome-brands-windows: Windows](https://ollama.com/download/windows) + - [:simple-apple: macOS](https://ollama.com/download/mac) + - [:simple-linux: Linux](https://ollama.com/download/linux)
@@ -138,9 +138,9 @@ Llamafile also supports LLaVA. However, it doesn't support speech recognition or
Downloads -- [:fontawesome-brands-windows: Windows](https://github.com/Mozilla-Ocho/llamafile#quickstart) -- [:simple-apple: macOS](https://github.com/Mozilla-Ocho/llamafile#quickstart) -- [:simple-linux: Linux](https://github.com/Mozilla-Ocho/llamafile#quickstart) + - [:fontawesome-brands-windows: Windows](https://github.com/Mozilla-Ocho/llamafile#quickstart) + - [:simple-apple: macOS](https://github.com/Mozilla-Ocho/llamafile#quickstart) + - [:simple-linux: Linux](https://github.com/Mozilla-Ocho/llamafile#quickstart)
@@ -158,12 +158,12 @@ We recommend downloading model files from Hugging Face since it provides several To check the authenticity and safety of the model, look for: -- Model cards with clear documentation -- A verified organization badge -- Community reviews and usage statistics -- A "Safe" badge next to the model file (Hugging Face only) -- Matching checksums[^1] - - On Hugging Face, you can find the hash by clicking on a model file and looking for the **Copy SHA256** button below it. You should compare this checksum with the one from the model file you downloaded. + - Model cards with clear documentation + - A verified organization badge + - Community reviews and usage statistics + - A "Safe" badge next to the model file (Hugging Face only) + - Matching checksums[^1] + - On Hugging Face, you can find the hash by clicking on a model file and looking for the **Copy SHA256** button below it. You should compare this checksum with the one from the model file you downloaded. A downloaded model is generally safe if it satisfies all the above checks. @@ -173,20 +173,20 @@ Please note we are not affiliated with any of the projects we recommend. In addi ### Minimum Requirements -- Must be open source. -- Must not transmit personal data, including chat data. -- Must be multi-platform. -- Must not require a GPU. -- Must support GPU-powered, fast inference. -- Must not require an internet connection. + - Must be open source. + - Must not transmit personal data, including chat data. + - Must be multi-platform. + - Must not require a GPU. + - Must support GPU-powered, fast inference. + - Must not require an internet connection. ### Best-Case Our best-case criteria represent what we _would_ like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page. -- Should be easy to download and set up, e.g. with a one-click installation process. -- Should have a built-in model downloader option. -- The user should be able to modify the LLM parameters, such as its system prompt or temperature. + - Should be easy to download and set up, e.g. with a one-click installation process. + - Should have a built-in model downloader option. + - The user should be able to modify the LLM parameters, such as its system prompt or temperature. \*[LLaVA]: Large Language and Vision Assistant (multimodal AI model) \*[LLM]: Large Language Model (AI model such as ChatGPT) diff --git a/i18n/cs/alternative-networks.md b/i18n/cs/alternative-networks.md index 7c646ae0..5e24aa42 100644 --- a/i18n/cs/alternative-networks.md +++ b/i18n/cs/alternative-networks.md @@ -7,9 +7,9 @@ cover: alternative-networks.webp Protects against the following threat(s): -- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal } -- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue } -- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown } + - [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal } + - [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue } + - [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown } ## Anonymizing Networks @@ -61,10 +61,10 @@ You can try connecting to _Privacy Guides_ via Tor at [xoe4vn5uwdztif6goazfbmogh
Downloads -- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.torproject.android) -- [:simple-appstore: App Store](https://apps.apple.com/app/id1609461599) -- [:simple-github: GitHub](https://github.com/guardianproject/orbot/releases) -- [:simple-fdroid: F-Droid](https://guardianproject.info/fdroid) + - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=org.torproject.android) + - [:simple-appstore: App Store](https://apps.apple.com/app/id1609461599) + - [:simple-github: GitHub](https://github.com/guardianproject/orbot/releases) + - [:simple-fdroid: F-Droid](https://guardianproject.info/fdroid)
@@ -131,11 +131,11 @@ Running a Snowflake proxy is low-risk, even more so than running a Tor relay or
Downloads -- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=net.i2p.android) -- [:simple-android: Android](https://geti2p.net/en/download#android) -- [:fontawesome-brands-windows: Windows](https://geti2p.net/en/download#windows) -- [:simple-apple: macOS](https://geti2p.net/en/download#mac) -- [:simple-linux: Linux](https://geti2p.net/en/download#unix) + - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=net.i2p.android) + - [:simple-android: Android](https://geti2p.net/en/download#android) + - [:fontawesome-brands-windows: Windows](https://geti2p.net/en/download#windows) + - [:simple-apple: macOS](https://geti2p.net/en/download#mac) + - [:simple-linux: Linux](https://geti2p.net/en/download#unix)
diff --git a/i18n/cs/android/obtaining-apps.md b/i18n/cs/android/obtaining-apps.md index 0a0b83cd..c938478b 100644 --- a/i18n/cs/android/obtaining-apps.md +++ b/i18n/cs/android/obtaining-apps.md @@ -21,7 +21,7 @@ There are many ways to obtain Android apps privately, even from the Play Store,
Downloads -- [:simple-github: GitHub](https://github.com/ImranR98/Obtainium/releases) + - [:simple-github: GitHub](https://github.com/ImranR98/Obtainium/releases)
@@ -50,7 +50,7 @@ The Google Play Store requires a Google account to log in, which is not great fo
Downloads -- [:simple-gitlab: GitLab](https://gitlab.com/AuroraOSS/AuroraStore/-/releases) + - [:simple-gitlab: GitLab](https://gitlab.com/AuroraOSS/AuroraStore/-/releases)
@@ -86,26 +86,26 @@ If you download APK files to install manually, you can verify their signature wi 3. Extract the downloaded archive: - ```bash - unzip commandlinetools-*.zip - cd cmdline-tools - ./bin/sdkmanager --sdk_root=./ "build-tools;29.0.3" - ``` + ```bash + unzip commandlinetools-*.zip + cd cmdline-tools + ./bin/sdkmanager --sdk_root=./ "build-tools;29.0.3" + ``` 4. Run the signature verification command: - ```bash - ./build-tools/29.0.3/apksigner verify --print-certs ../Camera-37.apk - ``` + ```bash + ./build-tools/29.0.3/apksigner verify --print-certs ../Camera-37.apk + ``` 5. The resulting hashes can then be compared with another source. Some developers such as Signal [show the fingerprints](https://signal.org/android/apk) on their website. - ```bash - Signer #1 certificate DN: CN=GrapheneOS - Signer #1 certificate SHA-256 digest: 6436b155b917c2f9a9ed1d15c4993a5968ffabc94947c13f2aeee14b7b27ed59 - Signer #1 certificate SHA-1 digest: 23e108677a2e1b1d6e6b056f3bb951df7ad5570c - Signer #1 certificate MD5 digest: dbbcd0cac71bd6fa2102a0297c6e0dd3 - ``` + ```bash + Signer #1 certificate DN: CN=GrapheneOS + Signer #1 certificate SHA-256 digest: 6436b155b917c2f9a9ed1d15c4993a5968ffabc94947c13f2aeee14b7b27ed59 + Signer #1 certificate SHA-1 digest: 23e108677a2e1b1d6e6b056f3bb951df7ad5570c + Signer #1 certificate MD5 digest: dbbcd0cac71bd6fa2102a0297c6e0dd3 + ``` ## F-Droid diff --git a/i18n/cs/desktop-browsers.md b/i18n/cs/desktop-browsers.md index 58a7c22d..79af4dfe 100644 --- a/i18n/cs/desktop-browsers.md +++ b/i18n/cs/desktop-browsers.md @@ -245,16 +245,16 @@ Arkenfox se zaměřuje pouze na zabránění běžným nebo naivním sledovacím **Brave Browser** obsahuje vestavěný blokátor obsahu a [funkce pro ochranu soukromí](https://brave.com/privacy-features), z nichž mnohé jsou předem povolené. -Brave is built upon the Chromium web browser project, so it should feel familiar and have minimal website compatibility issues. +Brave je postavený na prohlížeči Chromium, takže by vám měl připadat známý a měli byste s ním mít minimální problémy s kompatibilitou. -[:octicons-home-16: Homepage](https://brave.com){ .md-button .md-button--primary } -[:simple-torbrowser:](https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } -[:octicons-eye-16:](https://brave.com/privacy/browser){ .card-link title="Privacy Policy" } -[:octicons-info-16:](https://support.brave.com){ .card-link title="Documentation" } -[:octicons-code-16:](https://github.com/brave/brave-browser){ .card-link title="Source Code" } +[:octicons-home-16: Domovská stránka](https://brave.com/cs/){ .md-button .md-button--primary } +[:simple-torbrowser:](https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion/cs/){ .card-link title="Onion odkaz" } +[:octicons-eye-16:](https://brave.com/privacy/browser){ .card-link title="Zásady ochrany osobních údajů" } +[:octicons-info-16:](https://support.brave.com){ .card-link title="Dokumentace" } +[:octicons-code-16:](https://github.com/brave/brave-browser){ .card-link title="Zdrojový kód" }
-Downloads +Ke stažení - [:simple-github: GitHub](https://github.com/brave/brave-browser/releases) - [:fontawesome-brands-windows: Windows](https://brave.com/download) @@ -267,19 +267,19 @@ Brave is built upon the Chromium web browser project, so it should feel familiar
-

Warning

+

Varování

-Brave adds a "[referral code](https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes)" to the file name in downloads from the Brave website, which is used to track which source the browser was downloaded from, for example `BRV002` in a download named `Brave-Browser-BRV002.pkg`. The installer will then ping Brave's server with the referral code at the end of the installation process. If you're concerned about this, you can rename the installer file before opening it. +Brave přidává „[referral kód](https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes)“ k názvům souborů, které stáhnete z webu Brave, který umožňuje vysledovat, odkud byl prohlížeč stáhnutý, např. `BRV002` v souboru s názvem `Brave-Browser-BRV002.pkg`. Instalátor poté pingne Brave server s tímto referral kódem na konci instalace. Pokud ale máte obavy, můžete soubor přejmenovat předtím, než instalátor otevřete.
-### Recommended Brave Configuration +### Doporučená konfigurace Braveu Tyto nastavení najdete v :material-menu: → **Nastavení**. #### Shields -Brave includes some anti-fingerprinting measures in its [Shields](https://support.brave.com/hc/articles/360022973471-What-is-Shields) feature. We suggest configuring these options [globally](https://support.brave.com/hc/articles/360023646212-How-do-I-configure-global-and-site-specific-Shields-settings) across all pages that you visit. +Brave implementuje některá opatření proti zanechávání otisku ve své funkci [Shields](https://support.brave.com/hc/articles/360022973471-What-is-Shields). We suggest configuring these options [globally](https://support.brave.com/hc/articles/360023646212-How-do-I-configure-global-and-site-specific-Shields-settings) across all pages that you visit. Shields' options can be downgraded on a per-site basis as needed, but by default we recommend setting the following: @@ -369,9 +369,9 @@ We recommend disabling search suggestions in Brave for the same reason we recomm **Brave Wallet** operates locally on your computer, but does not support any private cryptocurrencies, so we would discourage using this feature as well. -## Criteria +## Kritéria -**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you. +**Upozorňujeme, že nespolupracujeme s žádným z projektů, které doporučujeme.** Kromě [našich standardních kritérií](about/criteria.md) jsme vypracovali jasný seznam požadavků, který nám umožňuje poskytovat objektivní doporučení. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you. ### Minimum Requirements diff --git a/i18n/cs/device-integrity.md b/i18n/cs/device-integrity.md index 5efaadc4..d771d202 100644 --- a/i18n/cs/device-integrity.md +++ b/i18n/cs/device-integrity.md @@ -27,17 +27,17 @@ This means an attacker would have to regularly re-infect your device to retain a If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact: -- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us) -- If a business or government device is compromised: the appropriate security liaison at your enterprise, department, or agency -- Local law enforcement + - If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us) + - If a business or government device is compromised: the appropriate security liaison at your enterprise, department, or agency + - Local law enforcement **We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page. The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you: -- Consider replacing the device completely -- Consider changing your SIM/eSIM number -- Not restore from a backup, because that backup may be compromised + - Consider replacing the device completely + - Consider changing your SIM/eSIM number + - Not restore from a backup, because that backup may be compromised These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things: @@ -48,7 +48,7 @@ These tools provide analysis based on the information they have the ability to a Protects against the following threat(s): -- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } + - [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise. @@ -80,8 +80,8 @@ These tools can trigger false-positives. If any of these tools finds indicators
Downloads -- [:simple-apple: macOS](https://docs.mvt.re/en/latest/install) -- [:simple-linux: Linux](https://docs.mvt.re/en/latest/install) + - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install) + - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install)
@@ -102,7 +102,7 @@ If you use iOS and are at high-risk, we have three additional suggestions for yo 2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be. - The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**. + The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**. 3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode). @@ -123,8 +123,8 @@ MVT allows you to perform deeper scans/analysis if your device is jailbroken. Un
Downloads -- [:fontawesome-brands-windows: Windows](https://imazing.com/download) -- [:simple-apple: macOS](https://imazing.com/download) + - [:fontawesome-brands-windows: Windows](https://imazing.com/download) + - [:simple-apple: macOS](https://imazing.com/download)
@@ -136,8 +136,8 @@ iMazing automates and interactively guides you through the process of using [MVT Protects against the following threat(s): -- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } -- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } + - [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } + - [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device. @@ -166,9 +166,9 @@ Using these apps is insufficient to determine that a device is "clean", and not
Downloads -- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play) -- [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases) -- [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases) + - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play) + - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases) + - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
@@ -178,11 +178,11 @@ Auditor is not a scanning/analysis tool like some other tools on this page. Rath Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android/distributions.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by: -- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore) of the _Auditor_. -- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app). -- The _auditor_ records the current state and configuration of the _auditee_. -- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations. -- You will be alerted to the change. + - Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore) of the _Auditor_. + - The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app). + - The _auditor_ records the current state and configuration of the _auditee_. + - Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations. + - You will be alerted to the change. It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection. diff --git a/i18n/cs/meta/admonitions.md b/i18n/cs/meta/admonitions.md index 80b860cc..e006b874 100644 --- a/i18n/cs/meta/admonitions.md +++ b/i18n/cs/meta/admonitions.md @@ -199,7 +199,7 @@ This format is used to generate recommendation cards. Notably it is missing the
Downloads -- [:simple-github: GitHub](https://github.com/photoprism) + - [:simple-github: GitHub](https://github.com/photoprism)
@@ -231,13 +231,13 @@ This is a special type of collapsible admonition which is used to generate secti
Downloads -- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=ch.protonmail.android) -- [:simple-appstore: App Store](https://apps.apple.com/app/id979659905) -- [:simple-github: GitHub](https://github.com/ProtonMail/android-mail/releases) -- [:fontawesome-brands-windows: Windows](https://proton.me/mail/bridge#download) -- [:simple-apple: macOS](https://proton.me/mail/bridge#download) -- [:simple-linux: Linux](https://proton.me/mail/bridge#download) -- [:octicons-browser-16: Web](https://mail.proton.me) + - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=ch.protonmail.android) + - [:simple-appstore: App Store](https://apps.apple.com/app/id979659905) + - [:simple-github: GitHub](https://github.com/ProtonMail/android-mail/releases) + - [:fontawesome-brands-windows: Windows](https://proton.me/mail/bridge#download) + - [:simple-apple: macOS](https://proton.me/mail/bridge#download) + - [:simple-linux: Linux](https://proton.me/mail/bridge#download) + - [:octicons-browser-16: Web](https://mail.proton.me)
diff --git a/i18n/cs/mobile-browsers.md b/i18n/cs/mobile-browsers.md index 1f6cba7d..73122377 100644 --- a/i18n/cs/mobile-browsers.md +++ b/i18n/cs/mobile-browsers.md @@ -66,11 +66,11 @@ These are our currently recommended **mobile web browsers** and configurations f Brave is built upon the Chromium web browser project, so it should feel familiar and have minimal website compatibility issues. -[:octicons-home-16: Homepage](https://brave.com){ .md-button .md-button--primary } -[:simple-torbrowser:](https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" } -[:octicons-eye-16:](https://brave.com/privacy/browser){ .card-link title="Privacy Policy" } -[:octicons-info-16:](https://support.brave.com){ .card-link title="Documentation" } -[:octicons-code-16:](https://github.com/brave/brave-browser){ .card-link title="Source Code" } +[:octicons-home-16: Domovská stránka](https://brave.com/cs/){ .md-button .md-button--primary } +[:simple-torbrowser:](https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion/cs/){ .card-link title="Onion odkaz" } +[:octicons-eye-16:](https://brave.com/privacy/browser){ .card-link title="Zásady ochrany osobních údajů" } +[:octicons-info-16:](https://support.brave.com){ .card-link title="Dokumentace" } +[:octicons-code-16:](https://github.com/brave/brave-browser){ .card-link title="Zdrojový kód" }
Ke stažení @@ -84,7 +84,7 @@ Brave is built upon the Chromium web browser project, so it should feel familiar -### Recommended Brave Configuration +### Doporučená konfigurace Braveu Tor Browser is the only way to truly browse the internet anonymously. When you use Brave, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than the [Tor Browser](tor.md#tor-browser) will be traceable by *somebody* in some regard or another. @@ -98,7 +98,7 @@ Tor Browser is the only way to truly browse the internet anonymously. When you u #### Brave shields global defaults -Brave includes some anti-fingerprinting measures in its [Shields](https://support.brave.com/hc/articles/360022973471-What-is-Shields) feature. We suggest configuring these options [globally](https://support.brave.com/hc/articles/360023646212-How-do-I-configure-global-and-site-specific-Shields-settings) across all pages that you visit. +Brave implementuje některá opatření proti zanechávání otisku ve své funkci [Shields](https://support.brave.com/hc/articles/360022973471-What-is-Shields). We suggest configuring these options [globally](https://support.brave.com/hc/articles/360023646212-How-do-I-configure-global-and-site-specific-Shields-settings) across all pages that you visit. Shields' options can be downgraded on a per-site basis as needed, but by default we recommend setting the following: diff --git a/i18n/cs/os/windows/group-policies.md b/i18n/cs/os/windows/group-policies.md index 3a93a2e1..ee618f7a 100644 --- a/i18n/cs/os/windows/group-policies.md +++ b/i18n/cs/os/windows/group-policies.md @@ -19,29 +19,29 @@ To change any group policy, double click it and select Enabled or Disabled at th #### Device Guard -- Turn On Virtualization Based Security: **Enabled** - - Platform Security Level: **Secure Boot and DMA Protection** - - Secure Launch Configuration: **Enabled** + - Turn On Virtualization Based Security: **Enabled** + - Platform Security Level: **Secure Boot and DMA Protection** + - Secure Launch Configuration: **Enabled** #### Internet Communication Management -- Turn off Windows Customer Experience Improvement Program: **Enabled** -- Turn off Windows Error Reporting: **Enabled** -- Turn off the Windows Messenger Customer Experience Improvement Program: **Enabled** + - Turn off Windows Customer Experience Improvement Program: **Enabled** + - Turn off Windows Error Reporting: **Enabled** + - Turn off the Windows Messenger Customer Experience Improvement Program: **Enabled** Note that disabling the Windows Customer Experience Improvement Program also disables some other tracking features that can be individually controlled with Group Policy as well. We don't list them all here or disable them because this setting covers that. #### OS Policies -- Allow Clipboard History: **Disabled** -- Allow Clipboard synchronization across devices: **Disabled** -- Enables Activity Feed: **Disabled** -- Allow publishing of User Activities: **Disabled** -- Allow upload of User Activities: **Disabled** + - Allow Clipboard History: **Disabled** + - Allow Clipboard synchronization across devices: **Disabled** + - Enables Activity Feed: **Disabled** + - Allow publishing of User Activities: **Disabled** + - Allow upload of User Activities: **Disabled** #### User Profiles -- Turn off the advertising ID: **Enabled** + - Turn off the advertising ID: **Enabled** ### Windows Components @@ -49,87 +49,87 @@ Note that disabling the Windows Customer Experience Improvement Program also dis AutoRun and AutoPlay are features which allow Windows to run a script or perform some other task when a device is connected, sometimes avoiding security measures that involve user consent. This could allow untrusted devices to run malicious code without your knowledge. It's a security best practice to disable these features, and simply open files on your external disks manually. -- Turn off AutoPlay: **Enabled** -- Disallow Autoplay for nonvolume devices: **Enabled** -- Set the default behavior for AutoRun: **Enabled** - - Default AutoRun Behavior: **Do not execute any AutoRun commands** + - Turn off AutoPlay: **Enabled** + - Disallow Autoplay for nonvolume devices: **Enabled** + - Set the default behavior for AutoRun: **Enabled** + - Default AutoRun Behavior: **Do not execute any AutoRun commands** #### BitLocker Drive Encryption You may wish to re-encrypt your operating system drive after changing these settings. -- Choose drive encryption method and cipher strength (Windows Vista, Windows Server 2008, Windows 7): **Enabled** - - Select the encryption method: **AES-256** + - Choose drive encryption method and cipher strength (Windows Vista, Windows Server 2008, Windows 7): **Enabled** + - Select the encryption method: **AES-256** Setting the cipher strength for the Windows 7 policy still applies that strength to newer versions of Windows. ##### Operating System Drives -- Require additional authentication at startup: **Enabled** -- Allow enhanced PINs for startup: **Enabled** + - Require additional authentication at startup: **Enabled** + - Allow enhanced PINs for startup: **Enabled** Despite the names of these policies, this doesn't _require_ you to do anything by default, but it will unlock the _option_ to have a more complex setup (such as requiring a PIN at startup in addition to the TPM) in the BitLocker setup wizard. #### Cloud Content -- Turn off cloud optimized content: **Enabled** -- Turn off cloud consumer account state content: **Enabled** -- Do not show Windows tips: **Enabled** -- Turn off Microsoft consumer experiences: **Enabled** + - Turn off cloud optimized content: **Enabled** + - Turn off cloud consumer account state content: **Enabled** + - Do not show Windows tips: **Enabled** + - Turn off Microsoft consumer experiences: **Enabled** #### Credential User Interface -- Require trusted path for credential entry: **Enabled** -- Prevent the use of security questions for local accounts: **Enabled** + - Require trusted path for credential entry: **Enabled** + - Prevent the use of security questions for local accounts: **Enabled** #### Data Collection and Preview Builds -- Allow Diagnostic Data: **Enabled** - - Options: **Send required diagnostic data** (Pro Edition); or - - Options: **Diagnostic data off** (Enterprise or Education Edition) -- Limit Diagnostic Log Collection: **Enabled** -- Limit Dump Collection: **Enabled** -- Limit optional diagnostic data for Desktop Analytics: **Enabled** - - Options: **Disable Desktop Analytics collection** -- Do not show feedback notifications: **Enabled** + - Allow Diagnostic Data: **Enabled** + - Options: **Send required diagnostic data** (Pro Edition); or + - Options: **Diagnostic data off** (Enterprise or Education Edition) + - Limit Diagnostic Log Collection: **Enabled** + - Limit Dump Collection: **Enabled** + - Limit optional diagnostic data for Desktop Analytics: **Enabled** + - Options: **Disable Desktop Analytics collection** + - Do not show feedback notifications: **Enabled** #### File Explorer -- Turn off account-based insights, recent, favorite, and recommended files in File Explorer: **Enabled** + - Turn off account-based insights, recent, favorite, and recommended files in File Explorer: **Enabled** #### MDM -- Disable MDM Enrollment: **Enabled** + - Disable MDM Enrollment: **Enabled** #### OneDrive -- Save documents to OneDrive by default: **Disabled** -- Prevent OneDrive from generating network traffic until the user signs in to OneDrive: **Enabled** -- Prevent the usage of OneDrive for file storage: **Enabled** + - Save documents to OneDrive by default: **Disabled** + - Prevent OneDrive from generating network traffic until the user signs in to OneDrive: **Enabled** + - Prevent the usage of OneDrive for file storage: **Enabled** This last setting disables OneDrive on your system; make sure to change it to **Disabled** if you use OneDrive. #### Push To Install -- Turn off Push To Install service: **Enabled** + - Turn off Push To Install service: **Enabled** #### Vyhledávání -- Allow Cortana: **Disabled** -- Don't search the web or display web results in Search: **Enabled** -- Set what information is shared in Search: **Enabled** - - Type of information: **Anonymous info** + - Allow Cortana: **Disabled** + - Don't search the web or display web results in Search: **Enabled** + - Set what information is shared in Search: **Enabled** + - Type of information: **Anonymous info** #### Sync your settings -- Do not sync: **Enabled** + - Do not sync: **Enabled** #### Text input -- Improve inking and typing recognition: **Disabled** + - Improve inking and typing recognition: **Disabled** #### Windows Error Reporting -- Do not send additional data: **Enabled** -- Consent > Configure Default consent: **Enabled** - - Consent level: **Always ask before sending data** + - Do not send additional data: **Enabled** + - Consent > Configure Default consent: **Enabled** + - Consent level: **Always ask before sending data** diff --git a/i18n/cs/self-hosting/index.md b/i18n/cs/self-hosting/index.md index fda8adcc..64706f44 100644 --- a/i18n/cs/self-hosting/index.md +++ b/i18n/cs/self-hosting/index.md @@ -7,7 +7,7 @@ cover: router.webp Protects against the following threat(s): -- [:material-server-network: Service Providers](../basics/common-threats.md#privacy-from-service-providers){ .pg-teal } + - [:material-server-network: Service Providers](../basics/common-threats.md#privacy-from-service-providers){ .pg-teal } Using **self-hosted software and services** can be a way to achieve a higher level of privacy through digital sovereignty, particularly independence from cloud servers controlled by product developers or vendors. By self-hosting, we mean hosting applications and data on your own hardware. @@ -17,9 +17,9 @@ Self-hosting your own solutions requires advanced technical knowledge and a deep
-- ![Stalwart logo](../assets/img/self-hosting/stalwart.svg){ .twemoji loading=lazy } [Stalwart](email-servers.md#stalwart) -- ![Mailcow logo](../assets/img/self-hosting/mailcow.svg){ .twemoji loading=lazy } [Mailcow](email-servers.md#mailcow) -- ![Mail-in-a-Box logo](../assets/img/self-hosting/mail-in-a-box.svg){ .twemoji loading=lazy } [Mail-in-a-Box](email-servers.md#mail-in-a-box) + - ![Stalwart logo](../assets/img/self-hosting/stalwart.svg){ .twemoji loading=lazy } [Stalwart](email-servers.md#stalwart) + - ![Mailcow logo](../assets/img/self-hosting/mailcow.svg){ .twemoji loading=lazy } [Mailcow](email-servers.md#mailcow) + - ![Mail-in-a-Box logo](../assets/img/self-hosting/mail-in-a-box.svg){ .twemoji loading=lazy } [Mail-in-a-Box](email-servers.md#mail-in-a-box)
@@ -66,21 +66,21 @@ Self-hosting your own instance of a web-based frontend can help you circumvent r
-- ![Redlib logo](../assets/img/frontends/redlib.svg){ .lg .middle .twemoji } [**Redlib (Reddit)**](../frontends.md#redlib) + - ![Redlib logo](../assets/img/frontends/redlib.svg){ .lg .middle .twemoji } [**Redlib (Reddit)**](../frontends.md#redlib) --- [:octicons-info-16:](https://github.com/redlib-org/redlib#deployment){ .card-link title="Admin Documentation" } [:octicons-code-16:](https://github.com/redlib-org/redlib){ .card-link title="Source Code" } -- ![ProxiTok logo](../assets/img/frontends/proxitok.svg){ .lg .middle .twemoji } [**ProxiTok (TikTok)**](../frontends.md#proxitok) + - ![ProxiTok logo](../assets/img/frontends/proxitok.svg){ .lg .middle .twemoji } [**ProxiTok (TikTok)**](../frontends.md#proxitok) --- [:octicons-info-16:](https://github.com/pablouser1/ProxiTok/wiki/Self-hosting){ .card-link title="Admin Documentation" } [:octicons-code-16:](https://github.com/pablouser1/ProxiTok){ .card-link title="Source Code" } -- ![Invidious logo](../assets/img/frontends/invidious.svg#only-light){ .twemoji }![Invidious logo](../assets/img/frontends/invidious-dark.svg#only-dark){ .twemoji } [**Invidious (YouTube)**](../frontends.md#invidious) + - ![Invidious logo](../assets/img/frontends/invidious.svg#only-light){ .twemoji }![Invidious logo](../assets/img/frontends/invidious-dark.svg#only-dark){ .twemoji } [**Invidious (YouTube)**](../frontends.md#invidious) --- @@ -88,7 +88,7 @@ Self-hosting your own instance of a web-based frontend can help you circumvent r [:octicons-info-16:](https://docs.invidious.io/installation){ .card-link title="Admin Documentation" } [:octicons-code-16:](https://github.com/iv-org/invidious){ .card-link title="Source Code" } -- ![Piped logo](../assets/img/frontends/piped.svg){ .twemoji } [**Piped (YouTube)**](../frontends.md#piped) + - ![Piped logo](../assets/img/frontends/piped.svg){ .twemoji } [**Piped (YouTube)**](../frontends.md#piped) --- @@ -103,7 +103,7 @@ Tool recommendations in other categories of the website also provide a self-host
-- ![Addy.io logo](../assets/img/email-aliasing/addy.svg){ .twemoji } [**Addy.io**](../email-aliasing.md#addyio) + - ![Addy.io logo](../assets/img/email-aliasing/addy.svg){ .twemoji } [**Addy.io**](../email-aliasing.md#addyio) --- @@ -111,7 +111,7 @@ Tool recommendations in other categories of the website also provide a self-host [:octicons-info-16:](https://addy.io/self-hosting){ .card-link title="Admin Documentation" } [:octicons-code-16:](https://github.com/anonaddy){ .card-link title="Source Code" } -- ![SimpleLogin logo](../assets/img/email-aliasing/simplelogin.svg){ .twemoji } [**SimpleLogin**](../email-aliasing.md#simplelogin) + - ![SimpleLogin logo](../assets/img/email-aliasing/simplelogin.svg){ .twemoji } [**SimpleLogin**](../email-aliasing.md#simplelogin) --- @@ -119,7 +119,7 @@ Tool recommendations in other categories of the website also provide a self-host [:octicons-info-16:](https://github.com/simple-login/app#prerequisites){ .card-link title="Admin Documentation" } [:octicons-code-16:](https://github.com/simple-login){ .card-link title="Source Code" } -- ![CryptPad logo](../assets/img/document-collaboration/cryptpad.svg){ .twemoji } [**CryptPad**](../document-collaboration.md#cryptpad) + - ![CryptPad logo](../assets/img/document-collaboration/cryptpad.svg){ .twemoji } [**CryptPad**](../document-collaboration.md#cryptpad) --- @@ -127,7 +127,7 @@ Tool recommendations in other categories of the website also provide a self-host [:octicons-info-16:](https://docs.cryptpad.org/en/admin_guide/index.html){ .card-link title="Admin Documentation" } [:octicons-code-16:](https://github.com/xwiki-labs/cryptpad){ .card-link title="Source Code" } -- ![Miniflux logo](../assets/img/news-aggregators/miniflux.svg#only-light){ .twemoji }![Miniflux logo](../assets/img/news-aggregators/miniflux-dark.svg#only-dark){ .twemoji } [**Miniflux**](../news-aggregators.md#miniflux) + - ![Miniflux logo](../assets/img/news-aggregators/miniflux.svg#only-light){ .twemoji }![Miniflux logo](../assets/img/news-aggregators/miniflux-dark.svg#only-dark){ .twemoji } [**Miniflux**](../news-aggregators.md#miniflux) --- @@ -135,7 +135,7 @@ Tool recommendations in other categories of the website also provide a self-host [:octicons-info-16:](https://miniflux.app/docs/index.html#administration-guide){ .card-link title="Admin Documentation" } [:octicons-code-16:](https://github.com/miniflux/v2){ .card-link title="Source Code" } -- ![Standard Notes logo](../assets/img/notebooks/standard-notes.svg){ .twemoji } [**Standard Notes**](../notebooks.md#standard-notes) + - ![Standard Notes logo](../assets/img/notebooks/standard-notes.svg){ .twemoji } [**Standard Notes**](../notebooks.md#standard-notes) --- @@ -143,7 +143,7 @@ Tool recommendations in other categories of the website also provide a self-host [:octicons-info-16:](https://standardnotes.com/help/47/can-i-self-host-standard-notes){ .card-link title="Admin Documentation" } [:octicons-code-16:](https://github.com/standardnotes){ .card-link title="Source Code" } -- ![PrivateBin logo](../assets/img/pastebins/privatebin.svg){ .twemoji } [**PrivateBin**](../pastebins.md#privatebin) + - ![PrivateBin logo](../assets/img/pastebins/privatebin.svg){ .twemoji } [**PrivateBin**](../pastebins.md#privatebin) --- @@ -151,7 +151,7 @@ Tool recommendations in other categories of the website also provide a self-host [:octicons-info-16:](https://github.com/PrivateBin/PrivateBin/blob/master/doc/Installation.md){ .card-link title="Admin Documentation" } [:octicons-code-16:](https://github.com/PrivateBin/PrivateBin){ .card-link title="Source Code" } -- ![Paaster logo](../assets/img/pastebins/paaster.svg){ .twemoji } [**Paaster**](../pastebins.md#paaster) + - ![Paaster logo](../assets/img/pastebins/paaster.svg){ .twemoji } [**Paaster**](../pastebins.md#paaster) --- @@ -159,7 +159,7 @@ Tool recommendations in other categories of the website also provide a self-host [:octicons-info-16:](https://github.com/WardPearce/paaster#deployment){ .card-link title="Admin Documentation" } [:octicons-code-16:](https://github.com/WardPearce/paaster){ .card-link title="Source Code" } -- ![SimpleX Chat logo](../assets/img/messengers/simplex.svg){ .twemoji } [**SimpleX Chat**](../real-time-communication.md#simplex-chat) + - ![SimpleX Chat logo](../assets/img/messengers/simplex.svg){ .twemoji } [**SimpleX Chat**](../real-time-communication.md#simplex-chat) --- diff --git a/i18n/cs/social-networks.md b/i18n/cs/social-networks.md index def5299a..375385ae 100644 --- a/i18n/cs/social-networks.md +++ b/i18n/cs/social-networks.md @@ -7,8 +7,8 @@ cover: social-networks.webp Protects against the following threat(s): -- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } -- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown } + - [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } + - [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown } These privacy-respecting **social networks** allow you to participate in online communities without giving up your personal information like your full name, phone number, and other data commonly requested by tech companies. @@ -36,9 +36,9 @@ If you are greatly concerned about an existing server censoring your content, th 2. **Use a managed hosting service.** We don't have any specific recommendations, but there are a variety of hosting services which will create a brand-new server on your own domain (or occasionally a subdomain of their domain, but we recommend against this unless registering your own domain presents too much of a burden to your privacy). - Typically, hosting providers will handle the _technical_ side of your server, but completely leave the _moderation_ side up to you. This often represents a better approach than self-hosting for most people because you can benefit from greater control over your own server without worrying about technical problems or unpatched security vulnerabilities. + Typically, hosting providers will handle the _technical_ side of your server, but completely leave the _moderation_ side up to you. This often represents a better approach than self-hosting for most people because you can benefit from greater control over your own server without worrying about technical problems or unpatched security vulnerabilities. - You should look closely at your hosting provider's terms of service and acceptable use policies before registering. These are often far more broad than typical hosted server rules, and they are far less likely to be enforced without recourse, but they can still be restrictive in undesirable ways. + You should look closely at your hosting provider's terms of service and acceptable use policies before registering. These are often far more broad than typical hosted server rules, and they are far less likely to be enforced without recourse, but they can still be restrictive in undesirable ways. ## Mastodon @@ -75,13 +75,13 @@ From Mastodon's web interface, click the **Administration** link in the right si There are a number of privacy controls under the **privacy and reach** tab here. Most notably, pay attention to these: -- [ ] **Automatically accept new followers**: You should consider unchecking this box to have a private profile. This will allow you to review who can follow your account before accepting them. + - **Automatically accept new followers**: You should consider unchecking this box to have a private profile. This will allow you to review who can follow your account before accepting them. In contrast to most social media platforms, if you have a private profile you still have the _option_ to publish posts which are publicly visible to non-followers and can still be boosted by non-followers. Therefore, unchecking this box is the only way to have the _choice_ to publish to either the entire world or a select group of people. -- [ ] **Show follows and followers on profile**: You should uncheck this box to hide your social graph from the public. It is fairly uncommon for the list of people you follow to have some genuine benefit to others, but that information can present a risk to you. + - **Show follows and followers on profile**: You should uncheck this box to hide your social graph from the public. It is fairly uncommon for the list of people you follow to have some genuine benefit to others, but that information can present a risk to you. -- [ ] **Display from which app you sent a post**: You should uncheck this box to prevent revealing information about your personal computing setup to others unnecessarily. + - **Display from which app you sent a post**: You should uncheck this box to prevent revealing information about your personal computing setup to others unnecessarily. The other privacy controls on this page should be read through, but we would stress that they are **not** technical controls—they are merely requests that you make to others. For example, if you choose to hide your profile from search engines on this page, **nothing** is actually stopping a search engine from reading your profile. You are merely requesting search engine indexes not publish your content to their users. @@ -95,7 +95,7 @@ Note that this only changes your default settings to prevent accidental over-sha #### Automated post deletion -- [x] Check the **Automatically delete old posts** box. + - Check the **Automatically delete old posts** box. The default settings here are fine, and will delete any posts you make after 2 weeks, unless you favorite (star) them. This gives you an easy way to control which posts stick around forever, and which ones are only ephemeral. Many settings about how long and when posts are kept can be adjusted here to suit your own needs, however. @@ -105,10 +105,10 @@ It is very rare for social media posts older than a few weeks to be read or rele When publishing a new post, you will have the option to choose from one of these visibility settings: -- **Public**, which publishes your content to anyone on the internet. -- **Quiet public**, which you should consider equivalent to publicly posting! This is not a technical guarantee, but merely a request you are making to other servers to hide your post from some feeds. -- **Followers**, which publishes your content only to your followers. If you did not follow our recommendation of restricting your followers, you should consider this equivalent to publicly posting! -- **Specific people**, which only shares the post with people who are specifically mentioned within the post. This is Mastodon's version of direct messages, but should never be relied on for private communications as we covered earlier since Mastodon has no E2EE. + - **Public**, which publishes your content to anyone on the internet. + - **Quiet public**, which you should consider equivalent to publicly posting! This is not a technical guarantee, but merely a request you are making to other servers to hide your post from some feeds. + - **Followers**, which publishes your content only to your followers. If you did not follow our recommendation of restricting your followers, you should consider this equivalent to publicly posting! + - **Specific people**, which only shares the post with people who are specifically mentioned within the post. This is Mastodon's version of direct messages, but should never be relied on for private communications as we covered earlier since Mastodon has no E2EE. If you used our recommended configuration settings above, you should be posting to **Followers** by default, and only posting to **Public** on an intentional and case-by-case basis. @@ -127,13 +127,13 @@ If you used our recommended configuration settings above, you should be posting
Downloads -- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=im.vector.app) -- [:simple-appstore: App Store](https://apps.apple.com/app/id1083446067) -- [:simple-github: GitHub](https://github.com/element-hq/element-android/releases) -- [:fontawesome-brands-windows: Windows](https://element.io/download) -- [:simple-apple: macOS](https://element.io/download) -- [:simple-linux: Linux](https://element.io/download) -- [:octicons-browser-16: Web](https://app.element.io) + - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=im.vector.app) + - [:simple-appstore: App Store](https://apps.apple.com/app/id1083446067) + - [:simple-github: GitHub](https://github.com/element-hq/element-android/releases) + - [:fontawesome-brands-windows: Windows](https://element.io/download) + - [:simple-apple: macOS](https://element.io/download) + - [:simple-linux: Linux](https://element.io/download) + - [:octicons-browser-16: Web](https://app.element.io)
@@ -155,15 +155,15 @@ To prevent revealing information about your personal device to others unnecessar #### Preferences -- [ ] Uncheck **Send read receipts** -- [ ] Uncheck **Send typing notifications** + - Uncheck **Send read receipts** + - Uncheck **Send typing notifications** You should uncheck these options to reduce the exposure of metadata to other users when chatting in a public room. #### Voice & Video -- [ ] Uncheck **Allow Peer-to-Peer for 1:1 calls** -- [ ] Uncheck **Allow fallback call assist server (turn.matrix.org)** + - Uncheck **Allow Peer-to-Peer for 1:1 calls** + - Uncheck **Allow fallback call assist server (turn.matrix.org)** If you do decide to use Element for one-to-one communication, we recommend unchecking these settings to prevent the exposure of your IP address to the other party. @@ -177,13 +177,13 @@ As an end user on a public homeserver, you can consider unchecking the **Enable ##### Sessions -- [ ] (Optional) Uncheck **Record the client name, version, and url to recognize sessions for easily in session manager** + - (Optional) Uncheck **Record the client name, version, and url to recognize sessions for easily in session manager** Unchecking this option may make it more diffcult to discern your active sessions if you logged in to your Matrix account on multiple devices. #### Encryption -- [x] (Optional) Check **In encrypted rooms, only send messages to verified users** + - (Optional) Check **In encrypted rooms, only send messages to verified users** With this setting enabled, unverified users (i.e., those who have not used the **Verify User** function) and unverified devices of verified users will not receive your messages in a room with encryption enabled. This may limit the messages you can view and the people you can interact with. @@ -191,11 +191,11 @@ With this setting enabled, unverified users (i.e., those who have not used the * **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you. -- Must be free and open-source software. -- Must use a federated protocol to communicate with other instances of the social networking software. -- Must not have non-technical restrictions on who can be federated with. -- Must be usable within a standard [web browser](desktop-browsers.md). -- Must make public content accessible to visitors without an account. -- Must allow you to limit who can follow your profile. -- Must allow you to post content visible only to your followers. -- Must support modern web application security standards/features (including [multifactor authentication](multi-factor-authentication.md)). + - Must be free and open-source software. + - Must use a federated protocol to communicate with other instances of the social networking software. + - Must not have non-technical restrictions on who can be federated with. + - Must be usable within a standard [web browser](desktop-browsers.md). + - Must make public content accessible to visitors without an account. + - Must allow you to limit who can follow your profile. + - Must allow you to post content visible only to your followers. + - Must support modern web application security standards/features (including [multifactor authentication](multi-factor-authentication.md)).