diff --git a/i18n/ar/advanced/tor-overview.md b/i18n/ar/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/ar/advanced/tor-overview.md
+++ b/i18n/ar/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/ar/android.md b/i18n/ar/android.md
index 010f15b7..38f4a98b 100644
--- a/i18n/ar/android.md
+++ b/i18n/ar/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/ar/basics/common-threats.md b/i18n/ar/basics/common-threats.md
index e278c0cb..9776a47b 100644
--- a/i18n/ar/basics/common-threats.md
+++ b/i18n/ar/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/ar/basics/vpn-overview.md b/i18n/ar/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/ar/basics/vpn-overview.md
+++ b/i18n/ar/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/ar/desktop.md b/i18n/ar/desktop.md
index c2b5515a..5f937ed1 100644
--- a/i18n/ar/desktop.md
+++ b/i18n/ar/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/ar/device-integrity.md b/i18n/ar/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/ar/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/ar/os/qubes-overview.md b/i18n/ar/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/ar/os/qubes-overview.md
+++ b/i18n/ar/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/ar/tools.md b/i18n/ar/tools.md
index 3603abf6..cac9bc4c 100644
--- a/i18n/ar/tools.md
+++ b/i18n/ar/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/ar/tor.md b/i18n/ar/tor.md
index 8898cf83..03456518 100644
--- a/i18n/ar/tor.md
+++ b/i18n/ar/tor.md
@@ -39,7 +39,15 @@ schema:
## الاتصال بتور
-عندك الكثير من السُّبُل للتتَّصل بشبكة تور من جهازك، وأشيعها **متصفِّح تور**، وهو تشعُّب من فيرفكس مصمَّم للتصفُّح المستور، ويُتاح في أجهزة سطح المكتب ونظام أندرويد. وزيادةً على التطبيقات المذكورة أدناه فهناك أنظمة تشغيل مصمَّمة للتتَّصل بشبكة تور، مثل [وونكس](desktop.md#whonix) في [كيوبس أوإس](desktop.md#qubes-os)، وأمانه أأمن متصفِّح تور العاديِّ.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+عندك الكثير من السُّبُل للتتَّصل بشبكة تور من جهازك، وأشيعها **متصفِّح تور**، وهو تشعُّب من فيرفكس مصمَّم للتصفُّح المستور، ويُتاح في أجهزة سطح المكتب ونظام أندرويد.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### متصفِّح تور
@@ -69,6 +77,8 @@ schema:
صمِّم متصفِّح تور لمكافحة التبصيم، أو كشف هويَّتك حسب ضبط متصفِّحك. وزبدة القول أنه عليك **ألا** تعدِّل المتصفِّح خلا [مستويات الأمن](https://tb-manual.torproject.org/security-settings/) المبدئية.
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### أُربوت
!!! recommendation
diff --git a/i18n/bn-IN/advanced/tor-overview.md b/i18n/bn-IN/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/bn-IN/advanced/tor-overview.md
+++ b/i18n/bn-IN/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/bn-IN/android.md b/i18n/bn-IN/android.md
index 1f47206b..8faac901 100644
--- a/i18n/bn-IN/android.md
+++ b/i18n/bn-IN/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/bn-IN/basics/common-threats.md b/i18n/bn-IN/basics/common-threats.md
index e278c0cb..9776a47b 100644
--- a/i18n/bn-IN/basics/common-threats.md
+++ b/i18n/bn-IN/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/bn-IN/basics/vpn-overview.md b/i18n/bn-IN/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/bn-IN/basics/vpn-overview.md
+++ b/i18n/bn-IN/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/bn-IN/desktop.md b/i18n/bn-IN/desktop.md
index c2b5515a..5f937ed1 100644
--- a/i18n/bn-IN/desktop.md
+++ b/i18n/bn-IN/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/bn-IN/device-integrity.md b/i18n/bn-IN/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/bn-IN/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/bn-IN/os/qubes-overview.md b/i18n/bn-IN/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/bn-IN/os/qubes-overview.md
+++ b/i18n/bn-IN/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/bn-IN/tools.md b/i18n/bn-IN/tools.md
index 3603abf6..cac9bc4c 100644
--- a/i18n/bn-IN/tools.md
+++ b/i18n/bn-IN/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/bn-IN/tor.md b/i18n/bn-IN/tor.md
index c9fe2403..6cc662bd 100644
--- a/i18n/bn-IN/tor.md
+++ b/i18n/bn-IN/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/bn/advanced/tor-overview.md b/i18n/bn/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/bn/advanced/tor-overview.md
+++ b/i18n/bn/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/bn/android.md b/i18n/bn/android.md
index 010f15b7..38f4a98b 100644
--- a/i18n/bn/android.md
+++ b/i18n/bn/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/bn/basics/common-threats.md b/i18n/bn/basics/common-threats.md
index e278c0cb..9776a47b 100644
--- a/i18n/bn/basics/common-threats.md
+++ b/i18n/bn/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/bn/basics/vpn-overview.md b/i18n/bn/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/bn/basics/vpn-overview.md
+++ b/i18n/bn/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/bn/desktop.md b/i18n/bn/desktop.md
index c2b5515a..5f937ed1 100644
--- a/i18n/bn/desktop.md
+++ b/i18n/bn/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/bn/device-integrity.md b/i18n/bn/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/bn/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/bn/os/qubes-overview.md b/i18n/bn/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/bn/os/qubes-overview.md
+++ b/i18n/bn/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/bn/tools.md b/i18n/bn/tools.md
index 3603abf6..cac9bc4c 100644
--- a/i18n/bn/tools.md
+++ b/i18n/bn/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/bn/tor.md b/i18n/bn/tor.md
index b8769060..333f183d 100644
--- a/i18n/bn/tor.md
+++ b/i18n/bn/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/cs/advanced/tor-overview.md b/i18n/cs/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/cs/advanced/tor-overview.md
+++ b/i18n/cs/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/cs/android.md b/i18n/cs/android.md
index 010f15b7..38f4a98b 100644
--- a/i18n/cs/android.md
+++ b/i18n/cs/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/cs/basics/common-threats.md b/i18n/cs/basics/common-threats.md
index e278c0cb..9776a47b 100644
--- a/i18n/cs/basics/common-threats.md
+++ b/i18n/cs/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/cs/basics/vpn-overview.md b/i18n/cs/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/cs/basics/vpn-overview.md
+++ b/i18n/cs/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/cs/desktop.md b/i18n/cs/desktop.md
index c2b5515a..5f937ed1 100644
--- a/i18n/cs/desktop.md
+++ b/i18n/cs/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/cs/device-integrity.md b/i18n/cs/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/cs/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/cs/os/qubes-overview.md b/i18n/cs/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/cs/os/qubes-overview.md
+++ b/i18n/cs/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/cs/tools.md b/i18n/cs/tools.md
index 3603abf6..cac9bc4c 100644
--- a/i18n/cs/tools.md
+++ b/i18n/cs/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/cs/tor.md b/i18n/cs/tor.md
index d4293334..49b297da 100644
--- a/i18n/cs/tor.md
+++ b/i18n/cs/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/de/advanced/tor-overview.md b/i18n/de/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/de/advanced/tor-overview.md
+++ b/i18n/de/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/de/android.md b/i18n/de/android.md
index 811b2b97..f6060163 100644
--- a/i18n/de/android.md
+++ b/i18n/de/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Sichere Kamera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/de/basics/common-threats.md b/i18n/de/basics/common-threats.md
index 7fdb4aa1..22297c00 100644
--- a/i18n/de/basics/common-threats.md
+++ b/i18n/de/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/de/basics/vpn-overview.md b/i18n/de/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/de/basics/vpn-overview.md
+++ b/i18n/de/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/de/desktop.md b/i18n/de/desktop.md
index c2b5515a..5f937ed1 100644
--- a/i18n/de/desktop.md
+++ b/i18n/de/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/de/device-integrity.md b/i18n/de/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/de/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/de/os/qubes-overview.md b/i18n/de/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/de/os/qubes-overview.md
+++ b/i18n/de/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/de/tools.md b/i18n/de/tools.md
index 148d5a5c..b0332df8 100644
--- a/i18n/de/tools.md
+++ b/i18n/de/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/de/tor.md b/i18n/de/tor.md
index 6e2c8d9c..55ddb68a 100644
--- a/i18n/de/tor.md
+++ b/i18n/de/tor.md
@@ -39,7 +39,15 @@ Tor funktioniert, indem es deinen Internetverkehr über diese von Freiwilligen b
## Verbinden mit Tor
-Es gibt eine Vielzahl von Möglichkeiten, sich von deinem Gerät aus mit dem Tor-Netzwerk zu verbinden. Die am häufigsten genutzte ist der **Tor Browser**, ein Fork (Abwandlung) von Firefox, der für anonymes Surfen für Desktop-Computer und Android entwickelt wurde. Zusätzlich zu den unten aufgeführten Apps gibt es auch Betriebssysteme, die speziell für die Verbindung mit dem Tor-Netzwerk entwickelt wurden, wie [Whonix](desktop.md#whonix) oder [Qubes OS](desktop.md#qubes-os), die noch mehr Sicherheit und Schutz bieten als der Standard-Tor-Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+Es gibt eine Vielzahl von Möglichkeiten, sich von deinem Gerät aus mit dem Tor-Netzwerk zu verbinden. Die am häufigsten genutzte ist der **Tor Browser**, ein Fork (Abwandlung) von Firefox, der für anonymes Surfen für Desktop-Computer und Android entwickelt wurde.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ Es gibt eine Vielzahl von Möglichkeiten, sich von deinem Gerät aus mit dem Tor
Der Tor-Browser wurde entwickelt, um Fingerprinting zu verhindern, oder um dich anhand deiner Browserkonfiguration zu identifizieren. Daher ist es zwingend erforderlich, dass du den Browser in **keiner Weise**veränderst, abgesehen von der Anpassung der [Standard-Sicherheitsstufen](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/el/advanced/tor-overview.md b/i18n/el/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/el/advanced/tor-overview.md
+++ b/i18n/el/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/el/android.md b/i18n/el/android.md
index 010f15b7..38f4a98b 100644
--- a/i18n/el/android.md
+++ b/i18n/el/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/el/basics/common-threats.md b/i18n/el/basics/common-threats.md
index e278c0cb..9776a47b 100644
--- a/i18n/el/basics/common-threats.md
+++ b/i18n/el/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/el/basics/vpn-overview.md b/i18n/el/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/el/basics/vpn-overview.md
+++ b/i18n/el/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/el/desktop.md b/i18n/el/desktop.md
index c2b5515a..5f937ed1 100644
--- a/i18n/el/desktop.md
+++ b/i18n/el/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/el/device-integrity.md b/i18n/el/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/el/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/el/os/qubes-overview.md b/i18n/el/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/el/os/qubes-overview.md
+++ b/i18n/el/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/el/tools.md b/i18n/el/tools.md
index 42181a7d..67027cd6 100644
--- a/i18n/el/tools.md
+++ b/i18n/el/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/el/tor.md b/i18n/el/tor.md
index d4293334..49b297da 100644
--- a/i18n/el/tor.md
+++ b/i18n/el/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/eo/advanced/tor-overview.md b/i18n/eo/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/eo/advanced/tor-overview.md
+++ b/i18n/eo/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/eo/android.md b/i18n/eo/android.md
index 010f15b7..38f4a98b 100644
--- a/i18n/eo/android.md
+++ b/i18n/eo/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/eo/basics/common-threats.md b/i18n/eo/basics/common-threats.md
index 0f2fb8ca..f55b8361 100644
--- a/i18n/eo/basics/common-threats.md
+++ b/i18n/eo/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/eo/basics/vpn-overview.md b/i18n/eo/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/eo/basics/vpn-overview.md
+++ b/i18n/eo/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/eo/desktop.md b/i18n/eo/desktop.md
index c2b5515a..5f937ed1 100644
--- a/i18n/eo/desktop.md
+++ b/i18n/eo/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/eo/device-integrity.md b/i18n/eo/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/eo/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/eo/os/qubes-overview.md b/i18n/eo/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/eo/os/qubes-overview.md
+++ b/i18n/eo/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/eo/tools.md b/i18n/eo/tools.md
index 3603abf6..cac9bc4c 100644
--- a/i18n/eo/tools.md
+++ b/i18n/eo/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/eo/tor.md b/i18n/eo/tor.md
index d4293334..49b297da 100644
--- a/i18n/eo/tor.md
+++ b/i18n/eo/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/es/advanced/tor-overview.md b/i18n/es/advanced/tor-overview.md
index 7d2cd630..ea53744b 100644
--- a/i18n/es/advanced/tor-overview.md
+++ b/i18n/es/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor es una red descentralizada y gratuita diseñada para utilizar I
Tor es una red descentralizada y gratuita diseñada para utilizar Internet con la mayor privacidad posible. Si se utiliza correctamente, la red permite la navegación y las comunicaciones privadas y anónimas.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Creación de Rutas a los Servicios Clearnet
Los "servicios Clearnet" son sitios web a los que puedes acceder con cualquier navegador, como [privacyguides.org](https://www.privacyguides.org). Tor te permite conectarte a estos sitios web de forma anónima enrutando tu tráfico a través de una red compuesta por miles de servidores gestionados por voluntarios llamados nodos (o repetidores).
@@ -76,13 +156,34 @@ Tor nos permite conectarnos a un servidor sin que nadie conozca la ruta completa
Aunque Tor proporciona fuertes garantías de privacidad, uno debe ser consciente de que Tor no es perfecto:
-- Los adversarios bien financiados con la capacidad de observar pasivamente la mayor parte del tráfico de la red en todo el mundo tienen la posibilidad de desanonimizar a los usuarios de Tor mediante el análisis avanzado del tráfico. Tor tampoco te protege de exponerte por error, como por ejemplo si compartes demasiada información sobre tu identidad real.
-- Los nodos de salida de Tor también pueden monitorear el tráfico que pasa a través de ellos. Esto significa que el tráfico que no está encriptado, como el tráfico HTTP simple, puede ser grabado y monitoreado. Si dicho tráfico contiene información personal identificable, entonces puede desanonimizarlo a ese nodo de salida. Por lo tanto, recomendamos utilizar HTTPS sobre Tor siempre que sea posible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Los nodos de salida de Tor también pueden monitorear el tráfico que pasa a través de ellos. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
Si deseas utilizar Tor para navegar por la web, sólo recomendamos el navegador Tor Browser **oficial**-está diseñado para evitar las huellas digitales.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Recursos Adicionales
- [Manual del usuario del navegador Tor](https://tb-manual.torproject.org)
diff --git a/i18n/es/android.md b/i18n/es/android.md
index b9ca0c4b..312dbee7 100644
--- a/i18n/es/android.md
+++ b/i18n/es/android.md
@@ -215,39 +215,6 @@ En este sitio recomendamos una amplia variedad de aplicaciones para Android. Las
Al usar Shelter, está depositando toda su confianza en su desarrollador, ya que Shelter actúa como [Administrador de dispositivos](https://developer.android.com/guide/topics/admin/device-admin) para crear el perfil de trabajo, y tiene un amplio acceso a los datos almacenados en él.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** es una aplicación que aprovecha las funciones de seguridad del hardware para supervisar la integridad de los dispositivos mediante la validación activa de la identidad de un dispositivo y la integridad de su sistema operativo. Actualmente, sólo funciona con GrapheneOS o con el sistema operativo stock para [dispositivos compatibles](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Página Principal](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Politica de Privacidad" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentación}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Código Fuente" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribuir }
-
- ??? downloads "Descargas"
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor realiza atestación y detección de intrusos por:
-
-- Utilizando un modelo [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) entre un *auditor* y un * auditado *, la pareja establece una clave privada en el [almacén de claves respaldado por hardware ](https://source.android.com/security/keystore/) del *auditor*.
-- El *auditor* puede ser otra instancia de la aplicación Auditor o el [Servicio de atestación remota](https://attestation.app).
-- El *auditor* registra el estado actual y la configuración del *auditado*.
-- En caso de que se produzca una manipulación del sistema operativo del *auditado* una vez finalizado el emparejamiento, el auditor será consciente del cambio en el estado y las configuraciones del dispositivo.
-- Se te avisará del cambio.
-
-No se envía información personal identificable al servicio de certificación. Recomendamos que te registres con una cuenta anónima y actives la atestación remota para una supervisión continua.
-
-Si tu [modelo de amenaza](basics/threat-modeling.md) requiere privacidad, podrías considerar el uso de [Orbot](tor.md#orbot) o una VPN para ocultar tu dirección IP del servicio de atestación. Para asegurarte de que el hardware y el sistema operativo son auténticos, [realiza una atestación local](https://grapheneos.org/install/web#verifying-installation) inmediatamente después de instalar el dispositivo y antes de cualquier conexión a Internet.
-
### Cámara de Seguridad
!!! recommendation
@@ -328,7 +295,7 @@ La tienda de aplicaciones de GrapheneOS está disponible en [GitHub](https://git
La tienda de Google Play requiere una cuenta de Google para iniciar sesión, lo que no es ideal para la privacidad. Eso se puede evitar utilizando un cliente alternativo, como Aurora Store.
-!!! recommendation "recomendación"
+!!! recommendation
{ align=right }
@@ -346,7 +313,7 @@ Aurora Store no te permite descargar aplicaciones de pago con su función de cue
### Manualmente con notificaciones RSS
-Para aplicaciones lanzadas en plataformas como GitHub y GitLab, es posible que puedas añadir un feed RSS a tu [agregador de noticias](/news-aggregators) que te ayudará a llevar un seguimiento de novedades.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/es/basics/common-threats.md b/i18n/es/basics/common-threats.md
index ba73a4ae..4ad2bd8c 100644
--- a/i18n/es/basics/common-threats.md
+++ b/i18n/es/basics/common-threats.md
@@ -39,7 +39,7 @@ Para minimizar el daño que una pieza maliciosa de software *podría hacer*, deb
Los sistemas operativos móviles suelen tener un mejor aislamiento de aplicaciones que los sistemas operativos de escritorio: Las aplicaciones no pueden obtener acceso a la raíz y requieren permiso para acceder a los recursos del sistema.
- Los sistemas operativos de escritorio generalmente se retrasan en el aislamiento adecuado. ChromeOS tiene capacidades de aislamiento similares a las de Android, y macOS tiene un control total de los permisos del sistema (y los desarrolladores pueden optar por el aislamiento para las aplicaciones). Sin embargo, estos sistemas operativos transmiten información de identificación a sus respectivos OEM. Linux tiende a no enviar información a los proveedores de sistemas, pero tiene poca protección contra los exploits y las aplicaciones maliciosas. Esto puede mitigarse un poco con distribuciones especializadas que hacen un uso significativo de máquinas virtuales o contenedores, como Qubes OS.
+ Los sistemas operativos de escritorio generalmente se retrasan en el aislamiento adecuado. ChromeOS tiene capacidades de aislamiento similares a las de Android, y macOS tiene un control total de los permisos del sistema (y los desarrolladores pueden optar por el aislamiento para las aplicaciones). Sin embargo, estos sistemas operativos transmiten información de identificación a sus respectivos OEM. Linux tiende a no enviar información a los proveedores de sistemas, pero tiene poca protección contra los exploits y las aplicaciones maliciosas. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Ataques dirigidos
diff --git a/i18n/es/basics/vpn-overview.md b/i18n/es/basics/vpn-overview.md
index 38b3d885..a6e819cd 100644
--- a/i18n/es/basics/vpn-overview.md
+++ b/i18n/es/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Las Redes Privadas Virtuales desplazan el riesgo de tu proveedor de Internet a un tercero quien confías. Debes tener en cuenta estas cosas.
---
-Las redes privadas virtuales son una forma de ampliar el extremo de tu red para que salga por otro lugar en el mundo. Un ISP puede ver el flujo de tráfico de Internet que entra y sale de tu dispositivo de terminación de red (es decir, el módem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Los protocolos de cifrado como HTTPS se utilizan habitualmente en Internet, por lo que no puedan ser capaces de ver exactamente lo que estés publicando o leyendo, pero pueden hacerse una idea de los [dominios que solicitas](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-Una VPN puede ayudar, ya que puede trasladar la confianza a un servidor en otro lugar del mundo. Como resultado, el ISP solamente ve que estás conectado a una VPN y nada sobre la actividad que le estás pasando.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! nota
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## ¿Yo debería usar una VPN?
-**Sí**, a menos que ya estés usando Tor. Una VPN hace dos cosas: trasladar los riesgos de tu proveedor de servicios de Internet a sí mismo y ocultar tu IP de un servicio de terceros.
-
-Las VPNs no pueden encriptar datos fuera de la conexión entre tu dispositivo y el servidor VPN. Los proveedores de VPN pueden ver y modificar tu tráfico del mismo modo que tu proveedor de Internet podría. Y no hay forma en absoluto de verificar las políticas de "no registro" de un proveedor de VPN.
-
-Sin embargo, sí ocultan tu IP real de un servicio de terceros, siempre que no haya fugas de IP. Te ayudan a mezclarte con los demás y a mitigar el seguimiento basado en la IP.
-
-## ¿Cuándo no debería usar una VPN?
-
-Utilizar una VPN en casos donde estés usando tu [identidad conocida](common-misconceptions.md#complicated-is-better) es poco probable que sea útil.
-
-Si lo haces, puede activar sistemas de detección de spam y fraude, por ejemplo si te conectas al sitio web de tu banco.
-
-## ¿Qué pasa con la encriptación?
-
-El cifrado que ofrecen los proveedores de VPN se realiza entre tus dispositivos y sus servidores. Garantiza que este enlace específico es seguro. Esto supone un paso adelante respecto al uso de proxies no cifrados, en los que un adversario en la red puede interceptar las comunicaciones entre tus dispositivos y dichos proxies y modificarlas. Sin embargo, el cifrado entre tus aplicaciones o navegadores con los proveedores de servicios no se gestiona mediante este cifrado.
-
-Para mantener la privacidad y seguridad de lo que haces en los sitios web que visitas, debes utilizar HTTPS. Esto mantendrá tus contraseñas, tokens de sesión y consultas a salvo del proveedor de VPN. Considera la posibilidad de activar "HTTPS en todas partes" en tu navegador para mitigar los ataques de degradación como [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## ¿Debo utilizar DNS cifrado con una VPN?
-
-A menos que tu proveedor de VPN aloje los servidores DNS cifrados, **no**. Usar DOH/DOT (o cualquier otra forma de DNS encriptado) con servidores de terceros simplemente añadirá más entidades en las que confiar y no hace **absolutamente nada** para mejorar tu privacidad/seguridad. Tu proveedor de VPN aún puede ver qué sitios web visitas basándose en las direcciones IP y otros métodos. En lugar de confiar únicamente en tu proveedor de VPN, ahora confías tanto en el proveedor de VPN como en el proveedor de DNS.
-
-Una razón común para recomendar DNS cifrado es que ayuda contra el spoofing de DNS. Sin embargo, tu navegador ya debería estar buscando [certificados TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) con **HTTPS** y advertirte al respecto. Si no estás utilizando **HTTPS**, entonces un adversario todavía puede simplemente modificar cualquier cosa que no sean tus consultas DNS y el resultado final será similar.
-
-No hace falta decir que **no deberías usar DNS encriptados con Tor**. Esto dirigiría todas tus peticiones DNS a través de un único circuito y permitiría al proveedor de DNS cifrado desanonimizarte.
-
-## ¿Debería usar Tor *y* una VPN?
-
-Al usar una VPN con Tor, estás creando esencialmente un nodo de entrada permanente, a menudo con un rastro de dinero adjunto. Esto no te proporciona ningún beneficio adicional, a la vez que aumenta drásticamente la superficie de ataque de tu conexión. Si deseas ocultar el uso de Tor a tu ISP o a tu gobierno, Tor tiene una solución incorporada para eso: los puentes Tor. [Lee más sobre los puentes Tor y por qué no es necesario usar una VPN](../advanced/tor-overview.md).
-
-## ¿Y si necesito anonimato?
-
-Las VPN no pueden proporcionar anonimato. Tu proveedor de VPN aún verá tu dirección IP real, y a menudo tiene un rastro de dinero que puede vincularse directamente a ti. No puedes confiar en las políticas de "no registro" para proteger tus datos. Usa [Tor](https://www.torproject.org/) en vez.
-
-## ¿Qué pasa con los proveedores de VPN que proporcionan nodos Tor?
-
-No utilices esa función. El punto de usar Tor es que no confías en tu proveedor de VPN. Actualmente Tor solamente soporta el protocolo [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol). [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (utilizado en [WebRTC](https://en.wikipedia.org/wiki/WebRTC) para compartir voz y vídeo, el nuevo protocolo [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), etc), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) y otros paquetes serán descartados. Para compensar por esto, los proveedores de VPN suelen enrutar todos los paquetes no TCP a través de su servidor VPN (tu primer salto). Este es el caso con [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Adicionalmente, al usar esta configuración de Tor sobre VPN, no tienes control sobre otras funciones importantes de Tor como [Dirección de Destino Aislada](https://www.whonix.org/wiki/Stream_Isolation) (usando un circuito Tor diferente para cada dominio que visitas).
-
-La función debe verse como una forma conveniente de acceder a la Red Tor, no para permanecer anónimo. Para anonimato adecuado, usa el navegador Tor, TorSocks o una puerta de enlace Tor.
-
-## ¿Cuándo son útiles las VPNs?
-
-Una VPN puede seguir siéndote útil en una variedad de escenarios, por ejemplo:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Ocultando tu tráfico de **sólo** tu proveedor de servicios de Internet.
1. Ocultando tus descargas (como los torrents) de tu ISP y a las organizaciones antipiratería.
-1. Ocultando tu IP de sitios web y servicios de terceros, evitando el rastreo basado en IP.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-Para situaciones como estas, o si tienes otra razón de peso, los proveedores de VPN que hemos enumerado anteriormente son los que consideramos más fiables. Sin embargo, utilizar un proveedor de VPN aun significa que estás *confiando* en el proveedor. En casi cualquier otro escenario deberías estar usando una herramienta segura**-por diseño** como Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Fuentes y Lecturas Complementarias
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. Y no hay forma en absoluto de verificar las políticas de "no registro" de un proveedor de VPN.
-1. [VPN - una narrativa muy precaria](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) por Dennis Schubert
-1. [Visión General de la Red Tor](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["¿Necesito una VPN?"](https://www.doineedavpn.com), una herramienta desarrollada por IVPN para desafiar el mercadeo agresivo de las VPN ayudando las personas a decidir si una VPN es adecuada para ellas.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Si lo haces, puede activar sistemas de detección de spam y fraude, por ejemplo si te conectas al sitio web de tu banco.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. Para mantener la privacidad y seguridad de lo que haces en los sitios web que visitas, debes utilizar HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## ¿Debo utilizar DNS cifrado con una VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Tu proveedor de VPN aún puede ver qué sitios web visitas basándose en las direcciones IP y otros métodos. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. Sin embargo, tu navegador ya debería estar buscando [certificados TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) con **HTTPS** y advertirte al respecto. Si no estás utilizando **HTTPS**, entonces un adversario todavía puede simplemente modificar cualquier cosa que no sean tus consultas DNS y el resultado final será similar.
+
+## ¿Debería usar Tor *y* una VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. Para compensar por esto, los proveedores de VPN suelen enrutar todos los paquetes no TCP a través de su servidor VPN (tu primer salto). Este es el caso con [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Adicionalmente, al usar esta configuración de Tor sobre VPN, no tienes control sobre otras funciones importantes de Tor como [Dirección de Destino Aislada](https://www.whonix.org/wiki/Stream_Isolation) (usando un circuito Tor diferente para cada dominio que visitas).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Información Relacionada con las VPNs
@@ -76,3 +112,4 @@ Para situaciones como estas, o si tienes otra razón de peso, los proveedores de
- [Investigación de Aplicaciones de VPN Gratuita](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Propietarios ocultos de VPN revelados: 101 productos VPN administrados por solo 23 empresas](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [Esta empresa china está secretamente detrás de 24 aplicaciones populares que buscan permisos peligrosos](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - una narrativa muy precaria](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) por Dennis Schubert
diff --git a/i18n/es/desktop.md b/i18n/es/desktop.md
index d1f9ef01..c461dacf 100644
--- a/i18n/es/desktop.md
+++ b/i18n/es/desktop.md
@@ -120,11 +120,9 @@ Nix es un gestor de paquetes basado en el código fuente; si no hay ningún paqu
Whonix está pensado para funcionar como dos máquinas virtuales: una "Estación de Trabajo" y una "Puerta de Enlace" Tor. Todas las comunicaciones desde la Estación de Trabajo deben pasar por la puerta de enlace Tor. Esto significa que incluso si la Estación de Trabajo se ve comprometida por algún tipo de malware, la verdadera dirección IP permanece oculta.
-Algunas de sus características incluyen Tor Stream Isolation, [anonimización de pulsaciones](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [swap encriptado ](https://github.com/Whonix/swap-file-creator), y un asignador de memoria endurecido.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Las futuras versiones de Whonix probablemente incluirán [políticas AppArmor para todo el sistema](https://github.com/Whonix/apparmor-profile-everything) y un lanzador de aplicaciones en entorno aislado [](https://www.whonix.org/wiki/Sandbox-app-launcher) para confinar completamente todos los procesos del sistema.
-
-Whonix se utiliza mejor [junto con Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix tiene varias [desventajas](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) cuando se compara con otros hipervisores.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/es/device-integrity.md b/i18n/es/device-integrity.md
new file mode 100644
index 00000000..ede8f050
--- /dev/null
+++ b/i18n/es/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger "Peligro"
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning "Advertencia"
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning "Advertencia"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning "Advertencia"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/es/os/qubes-overview.md b/i18n/es/os/qubes-overview.md
index e6416049..3da69d28 100644
--- a/i18n/es/os/qubes-overview.md
+++ b/i18n/es/os/qubes-overview.md
@@ -49,6 +49,22 @@ Para copiar y pegar archivos y directorios (carpetas) entre un *qube* y otro, pu
El [framework qrexec](https://www.qubes-os.org/doc/qrexec/) es una parte central de Qubes que permite la comunicación entre dominios. Está construido sobre la librería Xen *vchan*, que facilita el [aislamiento a través de políticas](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Recursos Adicionales
Para obtener información adicional, te animamos a consultar las extensas páginas de documentación de Qubes OS que se encuentran en el [sitio web Qubes OS](https://www.qubes-os.org/doc/). Copias offline se pueden descargar desde el [repositorio de documentación ](https://github.com/QubesOS/qubes-doc)de Qubes OS.
diff --git a/i18n/es/tools.md b/i18n/es/tools.md
index 570f7e75..5e9cb177 100644
--- a/i18n/es/tools.md
+++ b/i18n/es/tools.md
@@ -157,6 +157,7 @@ Para obtener más información sobre cada proyecto, por qué han sido elegidos y
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Más información :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -429,12 +430,11 @@ Para obtener más información sobre cada proyecto, por qué han sido elegidos y
-- { .twemoji } [Obtainium (gestor de aplicaciones)](android.md#obtainium)
-- { .twemoji } [Aurora Store (cliente de Google Play)](android.md#aurora-store)
-- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
-- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
-- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
+- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
+- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
+- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
+- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
+- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ Para obtener más información sobre cada proyecto, por qué han sido elegidos y
[Más información :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Más información :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/es/tor.md b/i18n/es/tor.md
index c5d3b105..a1bfcdea 100644
--- a/i18n/es/tor.md
+++ b/i18n/es/tor.md
@@ -39,7 +39,15 @@ Tor funciona enrutando tu tráfico de Internet a través de esos servidores oper
## Conectándote a Tor
-Hay varias maneras de conectarte a la red Tor desde tu dispositivo, la más utilizada es **Tor Browser**, un fork de Firefox diseñado para la navegación anónima para computadoras y Android. Además de las aplicaciones enumeradas a continuación, también hay sistemas operativos diseñados específicamente para conectarse a la red Tor, como [Whonix](desktop.md#whonix) en [Qubes OS](desktop.md#qubes-os), que proporcionan incluso mayor seguridad y protección que el Navegador Tor estándar.
+!!! tip "Consejo"
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+Hay varias maneras de conectarte a la red Tor desde tu dispositivo, la más utilizada es **Tor Browser**, un fork de Firefox diseñado para la navegación anónima para computadoras y Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ Hay varias maneras de conectarte a la red Tor desde tu dispositivo, la más util
El navegador Tor está diseñado para evitar la toma de huellas digirtales o tu identificación debido a la configuración de tu navegador. Por lo tanto, es imperativo que **no** modifiques el navegador más allá de los [niveles de seguridad](https://tb-manual.torproject.org/security-settings/) predeterminados.
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/fa/advanced/tor-overview.md b/i18n/fa/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/fa/advanced/tor-overview.md
+++ b/i18n/fa/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/fa/android.md b/i18n/fa/android.md
index 010f15b7..38f4a98b 100644
--- a/i18n/fa/android.md
+++ b/i18n/fa/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/fa/basics/common-threats.md b/i18n/fa/basics/common-threats.md
index e278c0cb..9776a47b 100644
--- a/i18n/fa/basics/common-threats.md
+++ b/i18n/fa/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/fa/basics/vpn-overview.md b/i18n/fa/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/fa/basics/vpn-overview.md
+++ b/i18n/fa/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/fa/desktop.md b/i18n/fa/desktop.md
index c2b5515a..5f937ed1 100644
--- a/i18n/fa/desktop.md
+++ b/i18n/fa/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/fa/device-integrity.md b/i18n/fa/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/fa/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/fa/os/qubes-overview.md b/i18n/fa/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/fa/os/qubes-overview.md
+++ b/i18n/fa/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/fa/tools.md b/i18n/fa/tools.md
index 3603abf6..cac9bc4c 100644
--- a/i18n/fa/tools.md
+++ b/i18n/fa/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/fa/tor.md b/i18n/fa/tor.md
index d4293334..49b297da 100644
--- a/i18n/fa/tor.md
+++ b/i18n/fa/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/fr/advanced/tor-overview.md b/i18n/fr/advanced/tor-overview.md
index 14e2e345..86d6334d 100644
--- a/i18n/fr/advanced/tor-overview.md
+++ b/i18n/fr/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor est un réseau décentralisé, gratuit, conçu pour utiliser In
Tor est un réseau décentralisé, gratuit, conçu pour utiliser Internet avec le plus de confidentialité possible. S'il est utilisé correctement, le réseau permet une navigation et des communications privées et anonymes.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Création de chemins vers les services de surface
Les "services de surface" sont des sites web auxquels vous pouvez accéder avec n'importe quel navigateur, comme [privacyguides.org](https://www.privacyguides.org). Tor vous permet de vous connecter à ces sites web de manière anonyme en acheminant votre trafic via un réseau composé de milliers de serveurs gérés par des bénévoles et appelés nœuds (ou relais).
@@ -76,13 +156,34 @@ Tor nous permet de nous connecter à un serveur sans que personne ne connaisse l
Bien que Tor offre de solides garanties de confidentialité, il faut être conscient que Tor n'est pas parfait:
-- Des adversaires bien financés ayant la capacité d'observer passivement la plupart du trafic réseau mondial ont une chance de désanonymiser les utilisateurs de Tor au moyen d'une analyse avancée du trafic. Tor ne vous protège pas non plus contre le risque de vous exposer par erreur, par exemple si vous partagez trop d'informations sur votre véritable identité.
-- Les nœuds de sortie de Tor peuvent également surveiller le trafic qui passe par eux. Cela signifie que le trafic qui n'est pas chiffré, comme le trafic HTTP ordinaire, peut être enregistré et surveillé. Si ce trafic contient des informations permettant de vous identifier, il peut vous désanonymiser aux yeux de ce nœud de sortie. Par conséquent, nous recommandons d'utiliser HTTPS via Tor dans la mesure du possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Les nœuds de sortie de Tor peuvent également surveiller le trafic qui passe par eux. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
Si vous souhaitez utiliser Tor pour naviguer sur le web, nous ne recommandons que le navigateur Tor **officiel** - il est conçu pour empêcher la prise d'empreintes numériques.
- [Navigateur Tor :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Ressources supplémentaires
- [Manuel d'utilisation du navigateur Tor](https://tb-manual.torproject.org)
diff --git a/i18n/fr/android.md b/i18n/fr/android.md
index 91f88b49..70c6f7ef 100644
--- a/i18n/fr/android.md
+++ b/i18n/fr/android.md
@@ -215,39 +215,6 @@ Nous recommandons une grande variété d'applications Android sur ce site. Les a
En utilisant Shelter, vous accordez une confiance totale à son développeur, car Shelter agit en tant qu'[administrateur de l'appareil](https://developer.android.com/guide/topics/admin/device-admin) pour créer le Profil professionnel, et il a un accès étendu aux données stockées dans ce dernier.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** est une application qui exploite les fonctions de sécurité matérielle pour assurer le contrôle de l'intégrité d'un appareil en validant activement son identité et l'intégrité de son système d'exploitation. Actuellement, elle ne fonctionne qu'avec GrapheneOS ou le système d'exploitation de base pour les [appareils pris en charge](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Page d'accueil](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Politique de confidentialité" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Code source" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribuer }
-
- ??? downloads "Téléchargements"
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: Magasin d'application de GrapheneOS](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor effectue l'attestation et la détection d'intrusion :
-
-- A l'aide d'un modèle de [Confiance lors de la première utilisation (TOFU - Trust On First Use)](https://en.wikipedia.org/wiki/Trust_on_first_use) entre un *auditeur* et un *audité*, la paire établit une clé privée dans le trousseau [matériel](https://source.android.com/security/keystore/) d'*Auditor*.
-- L'*auditeur* peut être une autre instance de l'application Auditor ou le [Service d'Attestation à Distance](https://attestation.app).
-- L'*auditeur* enregistre l'état et la configuration actuels de l'*audité*.
-- En cas d'altération du système d'exploitation de l'*audité* après l'appairage, l'auditeur sera informé de la modification de l'état et des configurations de l'appareil.
-- Vous serez alerté de ce changement.
-
-Aucune donnée à charactère personnel n'est soumise au service d'attestation. Nous vous recommandons de vous inscrire avec un compte anonyme et d'activer l'attestation à distance pour un contrôle continu.
-
-Si votre [modèle de menace](basics/threat-modeling.md) nécessite une certaine confidentialité, vous pouvez envisager d'utiliser [Orbot](tor.md#orbot) ou un VPN pour cacher votre adresse IP au service d'attestation. Pour s'assurer de l'authenticité de votre matériel et de votre système d'exploitation, [effectuez une attestation locale](https://grapheneos.org/install/web#verifying-installation) immédiatement après l'installation de l'appareil et avant toute connexion à internet.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store ne vous permet pas de télécharger des applications payantes grâc
### Manuellement avec les notifications RSS
-Pour les applications publiées sur des plateformes telles que GitHub et GitLab, vous pouvez ajouter un flux RSS à votre [agrégateur d'actualités](/news-aggregators) qui vous aidera à suivre les nouvelles versions.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/fr/basics/common-threats.md b/i18n/fr/basics/common-threats.md
index e27488c0..3e6c2d4b 100644
--- a/i18n/fr/basics/common-threats.md
+++ b/i18n/fr/basics/common-threats.md
@@ -39,7 +39,7 @@ Pour minimiser les dommages potentiels qu'un logiciel malveillant peut causer, v
Les systèmes d'exploitation mobiles sont généralement plus sûrs que les systèmes d'exploitation de bureau en ce qui concerne le sandboxing des applications.
- Les systèmes d'exploitation de bureau sont généralement à la traîne en ce qui concerne le sandboxing. ChromeOS possède des capacités de sandboxing similaires à celles d'Android, et macOS dispose d'un contrôle complet des autorisations système (et les développeurs peuvent opter pour le sandboxing pour les applications). Cependant, ces systèmes d'exploitation transmettent des informations d'identification à leurs constructeurs respectifs. Linux a tendance à ne pas soumettre d'informations aux fournisseurs de systèmes, mais il a une mauvaise protection contre les exploits et les applications malveillantes. Ce problème peut être quelque peu atténué avec des distributions spécialisées qui font un usage intensif des machines virtuelles ou des conteneurs, comme Qubes OS.
+ Les systèmes d'exploitation de bureau sont généralement à la traîne en ce qui concerne le sandboxing. ChromeOS possède des capacités de sandboxing similaires à celles d'Android, et macOS dispose d'un contrôle complet des autorisations système (et les développeurs peuvent opter pour le sandboxing pour les applications). Cependant, ces systèmes d'exploitation transmettent des informations d'identification à leurs constructeurs respectifs. Linux a tendance à ne pas soumettre d'informations aux fournisseurs de systèmes, mais il a une mauvaise protection contre les exploits et les applications malveillantes. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Attaques ciblées
diff --git a/i18n/fr/basics/vpn-overview.md b/i18n/fr/basics/vpn-overview.md
index 988930e9..b7610887 100644
--- a/i18n/fr/basics/vpn-overview.md
+++ b/i18n/fr/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Les réseaux privés virtuels déplacent le risque de votre FAI à un tiers en qui vous avez confiance. Vous devriez garder ces éléments à l'esprit.
---
-Les Réseaux Privés Virtuels sont un moyen d'étendre l'extrémité de votre réseau à une sortie située ailleurs dans le monde. Un Fournisseur d'Accès Internet (FAI) peut voir le flux du trafic internet qui entre et sort de votre dispositif de terminaison de réseau (c'est-à-dire la box/modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Les protocoles de chiffrement tels que HTTPS sont couramment utilisés sur internet, ils peuvent donc ne pas être en mesure de voir exactement ce que vous publiez ou lisez, mais ils peuvent avoir une idée [des domaines que vous visitez](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-Un VPN peut vous aider car il peut déplacer la confiance offerte à votre FAI vers un serveur situé ailleurs dans le monde. Par conséquent, le FAI ne voit que le fait que vous êtes connecté à un VPN et rien sur l'activité que vous lui transmettez.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note "À noter"
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Devrais-je utiliser un VPN ?
-**Oui**, sauf si vous utilisez déjà Tor. Un VPN fait deux choses: déplacer les risques de votre Fournisseur d'Accès à Internet vers lui-même et cacher votre adresse IP d'un service tiers.
-
-Les VPN ne peuvent pas chiffrer les données en dehors de la connexion entre votre appareil et le serveur VPN. Les fournisseurs de VPN peuvent voir et modifier votre trafic de la même manière que votre FAI pourrait le faire. Et il n'existe aucun moyen de vérifier de quelque manière que ce soit la politique de "non journalisation" d'un fournisseur de VPN.
-
-Cependant, ils cachent votre IP réelle d'un service tiers, à condition qu'il n'y ait pas de fuites d'IP. Ils vous aident à vous fondre dans la masse et à atténuer le suivi par IP.
-
-## Quand ne devrais-je pas utiliser un VPN ?
-
-L'utilisation d'un VPN dans les cas où vous utilisez votre [identité connue](common-misconceptions.md#complicated-is-better) ne sera probablement pas utile.
-
-Cela peut déclencher des systèmes de détection de spam et de fraude, par exemple si vous vous connectez au site web de votre banque.
-
-## Qu'en est-il du chiffrement ?
-
-Le chiffrement offert par les fournisseurs VPN se situe entre vos appareils et leurs serveurs. Il garantit que ce lien spécifique est sécurisé. Il s'agit d'une avancée par rapport à l'utilisation de proxys non chiffrés où un adversaire sur le réseau peut intercepter les communications entre vos appareils et lesdits proxys et les modifier. Cependant, le chiffrement entre vos applications ou navigateurs et les fournisseurs de services n'est pas géré par ce chiffrement.
-
-Pour que ce que vous faites sur les sites web que vous visitez reste privé et sécurisé, vous devez utiliser le protocole HTTPS. Cela protégera vos mots de passe, jetons de session et requêtes du fournisseur VPN. Envisagez d'activer "HTTPS partout" dans votre navigateur pour atténuer les attaques de rétrogradation comme [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Devrais-je utiliser un DNS chiffré avec un VPN ?
-
-À moins que votre fournisseur VPN n'héberge les serveurs DNS chiffrés, **non**. L'utilisation de DOH/DOT (ou de toute autre forme de DNS chiffré) avec des serveurs tiers ne fera qu'ajouter des entités supplémentaires auxquelles il faudra faire confiance, et ne fait **absolument rien** pour améliorer votre confidentialité/sécurité. Votre fournisseur de VPN peut toujours voir quels sites web vous visitez en se basant sur les adresses IP et d'autres méthodes. Au lieu de faire uniquement confiance à votre fournisseur de VPN, vous faites maintenant confiance à la fois au fournisseur de VPN et au fournisseur de DNS.
-
-Une raison courante de recommander le DNS chiffré est qu'il permet de lutter contre l'usurpation DNS. Cependant, votre navigateur devrait déjà vérifier la présence de [certificats TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) avec **HTTPS** et vous en avertir. Si vous n'utilisez pas **HTTPS**, alors un adversaire peut toujours modifier n'importe quoi d'autre que vos requêtes DNS et le résultat final sera peu différent.
-
-Inutile de dire que **vous ne devriez pas utiliser de DNS chiffré avec Tor**. Toutes vos requêtes DNS seraient ainsi dirigées vers un seul circuit, ce qui permettrait au fournisseur de DNS chiffré de vous désanonymiser.
-
-## Devrais-je utiliser Tor *et* un VPN?
-
-En utilisant un VPN avec Tor, vous créez essentiellement un nœud d'entrée permanent, souvent avec une trace financière attachée. Cela ne vous apporte aucun avantages supplémentaires, tout en augmentant considérablement la surface d'attaque de votre connexion. Si vous souhaitez cacher votre utilisation de Tor à votre FAI ou à votre gouvernement, Tor a une solution intégrée pour cela : les passerelles Tor. [En savoir plus sur les passerelles Tor et pourquoi l'utilisation d'un VPN n'est pas nécessaire](../advanced/tor-overview.md).
-
-## Et si j'ai besoin d'anonymat ?
-
-Les VPNs ne peuvent pas fournir d'anonymat. Votre fournisseur de VPN verra toujours votre adresse IP réelle, et dispose souvent d'une trace financière qui peut être liée directement à vous. Vous ne pouvez pas compter sur des politiques de "non journalisation" pour protéger vos données. Utilisez plutôt [Tor](https://www.torproject.org/fr/).
-
-## Qu'en est-il des fournisseurs de VPN qui proposent des nœuds Tor ?
-
-N'utilisez pas cette fonctionnalité. L'intérêt d'utiliser Tor est que vous ne faites pas confiance à votre fournisseur de VPN. Actuellement Tor ne supporte que le protocole [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol). [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (utilisé dans [WebRTC](https://en.wikipedia.org/wiki/WebRTC) pour le partage de la voix et de la vidéo, le nouveau protocole [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) et les autres paquets seront abandonnés. Pour compenser cela, les fournisseurs de VPN acheminent généralement tous les paquets non TCP par leur serveur VPN (votre premier saut). C'est le cas de [Proton VPN](https://protonvpn.com/support/tor-vpn/). De plus, lorsque vous utilisez cette configuration Tor par VPN, vous n'avez pas le contrôle sur d'autres fonctionnalités importantes de Tor telles que [Adresse de Destination Isolée](https://www.whonix.org/wiki/Stream_Isolation) (utilisation d'un circuit Tor différent pour chaque domaine que vous visitez).
-
-Cette fonctionnalité doit être considérée comme un moyen pratique d'accéder au réseau Tor, et non comme un moyen de rester anonyme. Pour un véritable anonymat, utilisez le navigateur Tor, TorSocks, ou une passerelle Tor.
-
-## Quand les VPNs sont-ils utiles ?
-
-Un VPN peut toujours vous être utile dans divers scénarios, tels que :
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Cacher votre trafic de **seulement** votre Fournisseur d'Accès Internet.
1. Cacher vos téléchargements (tels que les torrents) à votre FAI et aux organisations anti-piratage.
-1. Cacher votre adresse IP des sites web et services tiers, empêchant le suivi basé sur l'adresse IP.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-Pour des situations comme celles-ci, ou si vous avez une autre raison impérieuse, les fournisseurs de VPN que nous avons listés ci-dessus sont ceux que nous pensons être les plus dignes de confiance. Cependant, l'utilisation d'un fournisseur de VPN signifie toujours que vous *faites confiance* à ce fournisseur. Dans presque tous les autres cas, vous devriez utiliser un outil sécurisé **par conception** tel que Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources et Lectures Complémentaires
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. Et il n'existe aucun moyen de vérifier de quelque manière que ce soit la politique de "non journalisation" d'un fournisseur de VPN.
-1. [VPN - un Récit Très Précaire](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) par Dennis Schubert
-1. [Présentation du Réseau Tor](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Ai-je besoin d'un VPN ?"](https://www.doineedavpn.com), un outil développé par IVPN pour défier le marketing agressif des autres VPNs en aidant les individus à décider si un VPN leur convient.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Cela peut déclencher des systèmes de détection de spam et de fraude, par exemple si vous vous connectez au site web de votre banque.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. Pour que ce que vous faites sur les sites web que vous visitez reste privé et sécurisé, vous devez utiliser le protocole HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Devrais-je utiliser un DNS chiffré avec un VPN ?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Votre fournisseur de VPN peut toujours voir quels sites web vous visitez en se basant sur les adresses IP et d'autres méthodes. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. Cependant, votre navigateur devrait déjà vérifier la présence de [certificats TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) avec **HTTPS** et vous en avertir. Si vous n'utilisez pas **HTTPS**, alors un adversaire peut toujours modifier n'importe quoi d'autre que vos requêtes DNS et le résultat final sera peu différent.
+
+## Devrais-je utiliser Tor *et* un VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. Pour compenser cela, les fournisseurs de VPN acheminent généralement tous les paquets non TCP par leur serveur VPN (votre premier saut). C'est le cas de [Proton VPN](https://protonvpn.com/support/tor-vpn/). De plus, lorsque vous utilisez cette configuration Tor par VPN, vous n'avez pas le contrôle sur d'autres fonctionnalités importantes de Tor telles que [Adresse de Destination Isolée](https://www.whonix.org/wiki/Stream_Isolation) (utilisation d'un circuit Tor différent pour chaque domaine que vous visitez).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Informations VPN Liées
@@ -76,3 +112,4 @@ Pour des situations comme celles-ci, ou si vous avez une autre raison impérieus
- [Enquête sur les Applications VPN Gratuites](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Les propriétaires inconnus des VPNs dévoilés : 101 produits VPN gérés par seulement 23 sociétés](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [Cette société chinoise est secrètement à l'origine de 24 applications populaires qui cherchent à obtenir des autorisations dangereuses](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - un Récit Très Précaire](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) par Dennis Schubert
diff --git a/i18n/fr/desktop.md b/i18n/fr/desktop.md
index 1f85acbe..64fbaa3a 100644
--- a/i18n/fr/desktop.md
+++ b/i18n/fr/desktop.md
@@ -119,11 +119,9 @@ Nix est un gestionnaire de paquets basé sur les sources ; s'il n'y a pas de paq
Whonix est conçu pour fonctionner sous la forme de deux machines virtuelles : une "Station de Travail" et une "Passerelle" Tor. Toutes les communications de la station de travail doivent passer par la passerelle Tor, et seront acheminées par le réseau Tor. Cela signifie que même si la "Station de Travail" est compromise par un logiciel malveillant quelconque, la véritable adresse IP reste cachée.
-Parmi ses fonctionnalités, citons l'isolation des Flux Tor, [l'anonymisation des frappes de clavier](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [un swap chiffré](https://github.com/Whonix/swap-file-creator), et un allocateur de mémoire renforcé.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Les futures versions de Whonix incluront probablement [des politiques AppArmor système complètes](https://github.com/Whonix/apparmor-profile-everything) et [un lanceur d'apps bac à sable](https://www.whonix.org/wiki/Sandbox-app-launcher) pour confiner complètement tous les processus sur le système.
-
-Il est préférable d'utiliser Whonix [en conjonction avec Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers).
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/fr/device-integrity.md b/i18n/fr/device-integrity.md
new file mode 100644
index 00000000..53b1a123
--- /dev/null
+++ b/i18n/fr/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger "Danger"
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning "Avertissement"
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning "Avertissement"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning "Avertissement"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/fr/os/qubes-overview.md b/i18n/fr/os/qubes-overview.md
index 39471d57..40d54166 100644
--- a/i18n/fr/os/qubes-overview.md
+++ b/i18n/fr/os/qubes-overview.md
@@ -49,6 +49,22 @@ Pour copier et coller des fichiers et des répertoires (dossiers) d'un *qube* à
L'[environnement qrexec](https://www.qubes-os.org/doc/qrexec/) est une partie essentielle de Qubes qui permet la communication entre les domaines. Il est construit sur la bibliothèque Xen *vchan*, qui facilite [l'isolation de par le biais de politiques](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Ressources supplémentaires
Pour de plus amples informations, nous vous encourageons à consulter les pages de documentation complètes de Qubes OS, situées sur le [site web de Qubes OS](https://www.qubes-os.org/doc/). Des copies hors ligne peuvent être téléchargées à partir du [dépôt de documentationde](https://github.com/QubesOS/qubes-doc) Qubes OS.
diff --git a/i18n/fr/tools.md b/i18n/fr/tools.md
index c4287033..a6c80bc9 100644
--- a/i18n/fr/tools.md
+++ b/i18n/fr/tools.md
@@ -157,6 +157,7 @@ Nous [recommandons](dns.md#recommended-providers) un certain nombre de serveurs
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[En savoir plus :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -429,12 +430,11 @@ Nous [recommandons](dns.md#recommended-providers) un certain nombre de serveurs
-- { .twemoji } [Obtainium (gestionnaire d'applications)](android.md#obtainium)
-- { .twemoji } [Aurora Store (client Google Play)](android.md#aurora-store)
-- { .twemoji } [Shelter (profils professionnels)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (appareils pris en charge)](android.md#auditor)
-- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
-- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
+- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
+- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
+- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
+- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
+- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ Nous [recommandons](dns.md#recommended-providers) un certain nombre de serveurs
[En savoir plus :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[En savoir plus :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/fr/tor.md b/i18n/fr/tor.md
index a38fa7ac..da047aee 100644
--- a/i18n/fr/tor.md
+++ b/i18n/fr/tor.md
@@ -39,7 +39,15 @@ Tor fonctionne en acheminant votre trafic Internet via ces serveurs gérés par
## Se connecter à Tor
-Il existe plusieurs façons de se connecter au réseau Tor à partir de votre appareil, la plus utilisée étant le **Navigateur Tor**, un fork de Firefox conçu pour la navigation anonyme sur les ordinateurs de bureau et Android. En plus des applications listées ci-dessous, il existe également des systèmes d'exploitation conçus spécifiquement pour se connecter au réseau Tor tels que [Whonix](desktop.md#whonix) sur [Qubes OS](desktop.md#qubes-os), qui offrent une sécurité et des protections encore plus importantes que le navigateur Tor standard.
+!!! tip "Conseil"
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+Il existe plusieurs façons de se connecter au réseau Tor à partir de votre appareil, la plus utilisée étant le **Navigateur Tor**, un fork de Firefox conçu pour la navigation anonyme sur les ordinateurs de bureau et Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Navigateur Tor
@@ -69,6 +77,8 @@ Il existe plusieurs façons de se connecter au réseau Tor à partir de votre ap
Le Navigateur Tor est conçu pour empêcher la prise d'empreintes numérique, ou l'identification en fonction de la configuration de votre navigateur. Par conséquent, il est impératif de ne **pas** modifier le navigateur au-delà des [niveaux de sécurité](https://tb-manual.torproject.org/fr/security-settings/) par défaut.
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/he/advanced/tor-overview.md b/i18n/he/advanced/tor-overview.md
index 41509a85..e7ca5b80 100644
--- a/i18n/he/advanced/tor-overview.md
+++ b/i18n/he/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor היא רשת מבוזרת בחינם לשימוש המיועד
Tor היא רשת מבוזרת בחינם לשימוש המיועדת לשימוש באינטרנט עם כמה שיותר פרטיות. בשימוש נכון, הרשת מאפשרת גלישה ותקשורת פרטית ואנונימית.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## בניית נתיב לשירותי Clearnet
"שירותי Clearnet" הם אתרים אליהם אתה יכול לגשת עם כל דפדפן, כמו [privacyguides.org](https://www.privacyguides.org). Tor מאפשר לך להתחבר לאתרים אלה באופן אנונימי על ידי ניתוב התנועה שלך דרך רשת המורכבת מאלפי שרתים המנוהלים על ידי מתנדבים הנקראים צמתים (או ממסרים).
@@ -76,13 +156,34 @@ Tor מאפשר לנו להתחבר לשרת מבלי שאף גורם אחד יד
למרות ש-Tor מספקת ערובות פרטיות חזקות, צריך להיות מודע לכך ש-Tor אינו מושלם:
-- ליריבים ממומנים היטב עם יכולת לצפות באופן פסיבי ברוב תעבורת הרשת על פני הגלובוס יש סיכוי לבטל את האנונימיות של משתמשי Tor באמצעות ניתוח תעבורה מתקדם. Tor גם לא מגן עליך מפני חשיפת עצמך בטעות, כגון אם אתה חולק יותר מדי מידע על זהותך האמיתית.
-- צמתי יציאה של Tor יכולים גם לנטר את התעבורה שעוברת דרכם. המשמעות היא שתעבורה שאינה מוצפנת, כגון תעבורת HTTP רגילה, יכולה להיות מתועדת ולמעקב. אם תעבורה כזו מכילה מידע אישי מזהה, היא יכולה להפוך אותך לאנונימית לאותו צומת יציאה. לפיכך, אנו ממליצים להשתמש ב-HTTPS על פני Tor במידת האפשר.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- צמתי יציאה של Tor יכולים גם לנטר את התעבורה שעוברת דרכם. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
אם ברצונך להשתמש ב- Tor לגלישה באינטרנט, אנו ממליצים רק על דפדפן ה**רשמי** Tor - הוא נועד למנוע טביעת אצבע.
- [דפדפן Tor :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## מקורות נוספים
- [מדריך למשתמש של דפדפן Tor](https://tb-manual.torproject.org)
diff --git a/i18n/he/android.md b/i18n/he/android.md
index 7aab188e..c9ce5369 100644
--- a/i18n/he/android.md
+++ b/i18n/he/android.md
@@ -142,7 +142,7 @@ GrapheneOS תומך ב-[Sandboxed Google Play](https://grapheneos.org/usage#sand
DivestOS מיישמת כמה תיקוני הקשחת מערכת שפותחו במקור עבור GrapheneOS. DivestOS 16.0 ומעלה מיישמת את החלפת הרשאות [`אינטרנט`](https://developer.android.com/training/basics/network-ops/connecting) וחיישנים של GrapheneOS, [מקצית זיכרון מוקשחת](https://github.com/GrapheneOS/hardened_malloc), [השרצת מנהלים](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/#additional-hardening), [קונסטיפיקציה](https://en.wikipedia.org/wiki/Const_(computer_programming)) של [JNI](https://en.wikipedia.org/wiki/Java_Native_Interface) ותיקוני התקשות [ביונית](https://en.wikipedia.org/wiki/Bionic_(software)) חלקית. תכונות 17.1 ומעלה של GrapheneOS לכל רשת [אפשרות אקראיות מלאה של ](https://en.wikipedia.org/wiki/MAC_address#Randomization)MAC, בקרת [`ptrace_scope`](https://www.kernel.org/doc/html/latest/admin-guide/LSM/Yama.html) ואתחול אוטומטי/Wi-Fi/Bluetooth [אפשרויות פסק זמן](https://grapheneos.org/features).
-DivestOS משתמשת ב-F-Droid כחנות האפליקציות המוגדרת כברירת מחדל. We normally [recommend avoiding F-Droid](#f-droid), but doing so on DivestOS isn't viable; the developers update their apps via their own F-Droid repositories ([DivestOS Official](https://divestos.org/fdroid/official/?fingerprint=E4BE8D6ABFA4D9D4FEEF03CDDA7FF62A73FD64B75566F6DD4E5E577550BE8467) and [DivestOS WebView](https://divestos.org/fdroid/webview/?fingerprint=FB426DA1750A53D7724C8A582B4D34174E64A84B38940E5D5A802E1DFF9A40D2)). We recommend disabling the official F-Droid app and using [F-Droid Basic](https://f-droid.org/en/packages/org.fdroid.basic/) **with the DivestOS repositories enabled** to keep those components up to date. לגבי אפליקציות אחרות, השיטות המומלצות שלנו להשגתן עדיין חלות.
+DivestOS משתמשת ב-F-Droid כחנות האפליקציות המוגדרת כברירת מחדל. בדרך כלל אנו [ממליצים להימנע מ-F-Droid](#f-droid), אך אין לעשות זאת ב-DivestOS; המפתחים מעדכנים את האפליקציות שלהם באמצעות מאגרי F-Droid משלהם ([DivestOS Official](https://divestos.org/fdroid/official/?fingerprint=E4BE8D6ABFA4D9D4FEEF03CDDA7FF62A73FD64B75566F6DD4E5E577550BE8467) and [DivestOS WebView](https://divestos.org/fdroid/webview/?fingerprint=FB426DA1750A53D7724C8A582B4D34174E64A84B38940E5D5A802E1DFF9A40D2)). אנו ממליצים להשבית את אפליקציית F-Droid הרשמית ולהשתמש ב- [F-Droid Basic](https://f-droid.org/en/packages/org.fdroid.basic/) **עם מאגרי DivestOS מופעלים** כדי לשמור על רכיבים אלה מעודכנים. לגבי אפליקציות אחרות, השיטות המומלצות שלנו להשגתן עדיין חלות.
!!! warning "אזהרה"
@@ -174,13 +174,13 @@ DivestOS משתמשת ב-F-Droid כחנות האפליקציות המוגדרת
מכשירי **גוגל פיקסל** ידועים כבעלי אבטחה טובה ותומכים כראוי ב[אתחול מאומת](https://source.android.com/security/verifiedboot), גם בעת התקנת מערכות הפעלה מותאמות אישית.
- Beginning with the **Pixel 8** and **8 Pro**, Pixel devices receive a minimum of 7 years of guaranteed security updates, ensuring a much longer lifespan compared to the 2-5 years competing OEMs typically offer.
+ החל מ-**Pixel 8** ו-**8 Pro**, מכשירי Pixel מקבלים לפחות 7 שנים של עדכוני אבטחה מובטחים, מה שמבטיח תוחלת חיים ארוכה בהרבה בהשוואה ל-2-5 שנים שמציעות בדרך כלל יצרני OEM מתחרים.
[:material-shopping: חנות](https://store.google.com/category/phones){ .md-button .md-button--primary }
רכיבים מאובטחים כמו Titan M2 מוגבלים יותר מסביבת הביצוע המהימנה של המעבד המשמשת את רוב הטלפונים האחרים מכיוון שהם משמשים רק לאחסון סודות, הוכחת חומרה והגבלת קצב, לא להפעלת תוכניות "מהימנות". טלפונים ללא Secure Element חייבים להשתמש ב-TEE עבור *כל* הפונקציות הללו, וכתוצאה מכך משטח התקפה גדול יותר.
-Google Pixel phones use a TEE OS called Trusty which is [open source](https://source.android.com/security/trusty#whyTrusty), unlike many other phones.
+טלפונים של Google Pixel משתמשים במערכת הפעלה TEE בשם Trusty שהיא [קוד פתוח](https://source.android.com/security/trusty#whyTrusty), בניגוד לטלפונים רבים אחרים.
ההתקנה של GrapheneOS בטלפון Pixel קלה עם [מתקין האינטרנט שלהם](https://grapheneos.org/install/web). אם אתה לא מרגיש בנוח לעשות את זה בעצמך ומוכן להוציא קצת כסף נוסף, בדוק את ה-[NitroPhone](https://shop.nitrokey.com/shop) מכיוון שהם נטענים מראש עם GrapheneOS של חברת [Nitrokey](https://www.nitrokey.com/about) המכובדת.
@@ -215,39 +215,6 @@ Google Pixel phones use a TEE OS called Trusty which is [open source](https://so
כשאתה משתמש ב-Shelter, אתה נותן אמון מלא במפתח שלו, שכן Shelter פועל כ[מנהל מכשיר](https://developer.android.com/guide/topics/admin/device-admin) כדי ליצור את פרופיל העבודה, וכן יש לו גישה נרחבת לנתונים המאוחסנים בפרופיל העבודה.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** היא אפליקציה הממנפת תכונות אבטחת חומרה כדי לספק ניטור שלמות המכשיר על ידי אימות אקטיבי של זהות המכשיר ושלמות מערכת ההפעלה שלו. נכון לעכשיו, זה עובד רק עם GrapheneOS או מערכת ההפעלה המניות עבור [מכשירים נתמכים](https://attestation.app/about#device-support).
-
- [:octicons-home-16: דף הבית](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="מדיניות פרטיות" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=תיעוד}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="קוד מקור" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=לתרומה }
-
- ??? downloads "הורדות"
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor מבצע אישור וזיהוי חדירה על ידי:
-
-- באמצעות מודל [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) בין *מבקר* ל*מבוקר*, הזוג יוצר מפתח פרטי ב[מאגר המפתחות המגובה בחומרה](https://source.android.com/security/keystore/) של ה*מבקר*.
-- *auditor* יכול להיות מופע אחר של אפליקציית Auditor או [שירות אישור מרחוק](https://attestation.app).
-- המבקר רושם את המצב הנוכחי ואת התצורה של המבוקר. ה*auditor* מתעד את המצב והתצורה הנוכחיים של ה*auditee*.
-- אם התעסקות במערכת ההפעלה של ה*auditee* תתרחש לאחר השלמת ההתאמה, המבקר יהיה מודע לשינוי במצב המכשיר ובתצורות.
-- תקבל התראה על השינוי.
-
-לא נמסר מידע מזהה אישי לשירות האישורים. אנו ממליצים להירשם עם חשבון אנונימי ולאפשר אישור מרחוק לניטור רציף.
-
-אם [מודל האיומים](basics/threat-modeling.md) שלך דורש פרטיות, תוכל לשקול להשתמש ב-[Orbot](tor.md#orbot)או ב-VPN כדי להסתיר את כתובת ה-IP שלך משירות האישורים. כדי לוודא שהחומרה ומערכת ההפעלה שלך מקוריות, [בצע אישור מקומי](https://grapheneos.org/install/web#verifying-installation) מיד לאחר התקנת המכשיר ולפני כל חיבור לאינטרנט.
-
### Secure Camera
!!! recommendation
@@ -307,19 +274,19 @@ Auditor מבצע אישור וזיהוי חדירה על ידי:
!!! recommendation
- { align=right }
+ { align=right }
- **Obtainium** is an app manager which allows you to install and update apps directly from the developer's own releases page (i.e. GitHub, GitLab, the developer's website, etc.), rather than a centralized app store/repository. It supports automatic background updates on Android 12 and higher.
+ **Obtainium** הוא מנהל אפליקציות המאפשר לך להתקין ולעדכן אפליקציות ישירות מדף ההפצות של המפתח עצמו (כלומר. GitHub, GitLab, אתר האינטרנט של המפתח וכו'), במקום חנות/מאגר אפליקציות מרכזי. הוא תומך בעדכוני רקע אוטומטיים באנדרואיד 12 ומעלה.
- [:octicons-repo-16: Repository](https://github.com/ImranR98/Obtainium#readme){ .md-button .md-button--primary }
- [:octicons-code-16:](https://github.com/ImranR98/Obtainium){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://github.com/sponsors/ImranR98){ .card-link title=Contribute }
+ [:octicons-repo-16: מאגר](https://github.com/ImranR98/Obtainium#readme){ .md-button .md-button--primary }
+ [:octicons-code-16:](https://github.com/ImranR98/Obtainium){ .card-link title="קוד מקור" }
+ [:octicons-heart-16:](https://github.com/sponsors/ImranR98){ .card-link title=לתרומה }
- ??? downloads
+ ??? downloads "הורדות"
- [:simple-github: GitHub](https://github.com/ImranR98/Obtainium/releases)
-Obtainium allows you to download APK installer files from a wide variety of sources, and it is up to you to ensure those sources and apps are legitimate. For example, using Obtainium to install Signal from [Signal's APK landing page](https://signal.org/android/apk/) should be fine, but installing from third-party APK repositories like Aptoide or APKPure may pose additional risks. The risk of installing a malicious *update* is lower, because Android itself verifies that all app updates are signed by the same developer as the existing app on your phone before installing them.
+Obtainium מאפשר לך להוריד קבצי התקנת APK ממגוון רחב של מקורות, וזה תלוי בך לוודא שהמקורות והאפליקציות האלה לגיטימיים. לדוגמה, השימוש ב-Obtainium כדי להתקין את Signal מ[דף הנחיתה של סיגנל APK](https://signal.org/android/apk/) אמור להיות בסדר, אבל התקנה ממאגרי APK של צד שלישי כמו Aptoide או APKPure עלולים להוות סיכונים נוספים. הסיכון של התקנת *עדכון* זדוני נמוך יותר, מכיוון שאנדרואיד עצמו מוודא שכל עדכוני האפליקציה חתומים על ידי אותו מפתח כמו האפליקציה הקיימת בטלפון שלך לפני התקנתם.
### GrapheneOS App Store
@@ -335,9 +302,9 @@ Obtainium allows you to download APK installer files from a wide variety of sour
**Aurora Store** היא לקוח של חנות Google Play שאינה דורשת חשבון Google, שירותי Google Play או microG כדי להוריד אפליקציות.
- [:octicons-home-16: Homepage](https://auroraoss.com/){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://gitlab.com/AuroraOSS/AuroraStore/-/blob/master/POLICY.md){ .card-link title="Privacy Policy" }
- [:octicons-code-16:](https://gitlab.com/AuroraOSS/AuroraStore){ .card-link title="Source Code" }
+ [:octicons-home-16: דף הבית](https://auroraoss.com/){ .md-button .md-button--primary }
+ [:octicons-eye-16:](https://gitlab.com/AuroraOSS/AuroraStore/-/blob/master/POLICY.md){ .card-link title="מדיניות הפרטיות" }
+ [:octicons-code-16:](https://gitlab.com/AuroraOSS/AuroraStore){ .card-link title="קוד מקור" }
??? downloads "הורדות"
@@ -347,9 +314,9 @@ Aurora Store לא מאפשרת להוריד אפליקציות בתשלום עם
### התראות RSS באופן ידני
-עבור אפליקציות שמשוחררות בפלטפורמות כמו GitHub ו-GitLab, ייתכן שתוכל להוסיף עדכון RSS ל[צובר החדשות](/news-aggregators) שלך שיעזור לך לעקוב אחר מהדורות חדשות.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
-   
+   
#### Github
@@ -398,17 +365,17 @@ Aurora Store לא מאפשרת להוריד אפליקציות בתשלום עם
{ align=right width=120px }
-==We only recommend F-Droid as a way to obtain apps which cannot be obtained via the means above.== F-Droid is often recommended as an alternative to Google Play, particularly in the privacy community. האפשרות להוסיף מאגרי צד שלישי ולא להיות מוגבלים לגן המוקף חומה של גוגל הובילה לפופולריות שלו. ל-F-Droid יש בנוסף [בנייה הניתנת לשחזור](https://f-droid.org/en/docs/Reproducible_Builds/) עבור יישומים מסוימים והוא מוקדש לתוכנות חינמיות וקוד פתוח. However, there are some security-related downsides to how F-Droid builds, signs, and delivers packages:
+==אנו ממליצים רק על F-Droid כדרך להשיג אפליקציות שלא ניתן להשיג באמצעים שלמעלה.== F-Droid מומלצת לעתים קרובות כחלופה ל-Google Play, במיוחד בקהילת הפרטיות. האפשרות להוסיף מאגרי צד שלישי ולא להיות מוגבלים לגן המוקף חומה של גוגל הובילה לפופולריות שלו. ל-F-Droid יש בנוסף [בנייה הניתנת לשחזור](https://f-droid.org/en/docs/Reproducible_Builds/) עבור יישומים מסוימים והוא מוקדש לתוכנות חינמיות וקוד פתוח. עם זאת, ישנם כמה חסרונות הקשורים לאבטחה באופן שבו F-Droid בונה, חותם ומספק חבילות:
-בשל תהליך בניית האפליקציות שלהם, אפליקציות במאגר ה-F-Droid הרשמי מפגרות לעתים קרובות בפיגור לגבי עדכונים. מנהלי F-Droid גם עושים שימוש חוזר במזהי חבילה בזמן חתימת אפליקציות עם המפתחות שלהם, וזה לא אידיאלי מכיוון שהוא נותן אמון אולטימטיבי לצוות F-Droid. Additionally, the requirements for an app to be included in the official F-Droid repo are less strict than other app stores like Google Play, meaning that F-Droid tends to host a lot more apps which are older, unmaintained, or otherwise no longer meet [modern security standards](https://developer.android.com/google/play/requirements/target-sdk).
+בשל תהליך בניית האפליקציות שלהם, אפליקציות במאגר ה-F-Droid הרשמי מפגרות לעתים קרובות בפיגור לגבי עדכונים. מנהלי F-Droid גם עושים שימוש חוזר במזהי חבילה בזמן חתימת אפליקציות עם המפתחות שלהם, וזה לא אידיאלי מכיוון שהוא נותן אמון אולטימטיבי לצוות F-Droid. בנוסף, הדרישות להכללת אפליקציה במאגר ה-F-Droid הרשמי הן פחות מחמירות מחנויות אפליקציות אחרות כמו Google Play, כלומר F-Droid נוטה לארח הרבה יותר אפליקציות ישנות יותר, לא מתוחזקות או לא יותר לעמוד ב[תקני אבטחה מודרניים](https://developer.android.com/google/play/requirements/target-sdk).
-Other popular third-party repositories for F-Droid such as [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) alleviate some of these concerns. מאגר IzzyOnDroid מושך רכיבים ישירות מ-GitHub והוא הדבר הטוב הבא למאגרים של המפתחים עצמם. However, it is not something that we can fully recommend, as apps are typically [removed](https://github.com/vfsfitvnm/ViMusic/issues/240#issuecomment-1225564446) from that repository if they are later added to the main F-Droid repository. למרות שזה הגיוני (מכיוון שהמטרה של המאגר המסוים הזה היא לארח אפליקציות לפני שהן מתקבלות למאגר ה-F-Droid הראשי), זה יכול להשאיר אותך עם אפליקציות מותקנות שכבר לא מקבלים עדכונים.
+מאגרי צד שלישי פופולריים אחרים עבור F-Droid כגון [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) מקלים על חלק מהחששות הללו. מאגר IzzyOnDroid מושך רכיבים ישירות מ-GitHub והוא הדבר הטוב הבא למאגרים של המפתחים עצמם. עם זאת, זה לא משהו שאנחנו יכולים להמליץ עליו באופן מלא, מכיוון שאפליקציות בדרך כלל [מוסרות](https://github.com/vfsfitvnm/ViMusic/issues/240#issuecomment-1225564446) מהמאגר הזה אם הם יתווספו מאוחר יותר למאגר F-Droid הראשי. למרות שזה הגיוני (מכיוון שהמטרה של המאגר המסוים הזה היא לארח אפליקציות לפני שהן מתקבלות למאגר ה-F-Droid הראשי), זה יכול להשאיר אותך עם אפליקציות מותקנות שכבר לא מקבלים עדכונים.
-That said, the [F-Droid](https://f-droid.org/en/packages/) and [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) repositories are home to countless apps, so they can be a useful tool to search for and discover open-source apps that you can then download through other means such as the Play Store, Aurora Store, or by getting the APK directly from the developer. You should use your best judgement when looking for new apps via this method, and keep an eye on how frequently the app is updated. Outdated apps may rely on unsupported libraries, among other things, posing a potential security risk.
+עם זאת, [F-Droid](https://f-droid.org/en/packages/) ו-[IzzyOnDroid](https://apt.izzysoft.de/fdroid/) הם ביתם של אינספור אפליקציות, כך שהם יכולים להוות כלי שימושי לחיפוש ולגלות אפליקציות קוד פתוח שתוכל להוריד באמצעים אחרים כגון Play Store, Aurora Store, או על ידי קבלת ה-APK ישירות מהמפתח. כדאי להשתמש במיטב שיקול הדעת כשאתה מחפש אפליקציות חדשות בשיטה זו, ולעקוב אחר התדירות שבה האפליקציה מתעדכנת. אפליקציות מיושנות עשויות להסתמך על ספריות שאינן נתמכות, בין היתר, מהוות סיכון אבטחה פוטנציאלי.
!!! note "F-Droid Basic"
- במקרים נדירים מסוימים, מפתח אפליקציה יפיץ אותה רק באמצעות F-Droid ([Gadgetbridge](https://gadgetbridge.org/) היא דוגמה אחת לכך). If you really need an app like that, we recommend using the newer [F-Droid Basic](https://f-droid.org/en/packages/org.fdroid.basic/) client instead of the original F-Droid app to obtain it. F-Droid Basic can do unattended updates without privileged extension or root, and has a reduced feature set (limiting attack surface).
+ במקרים נדירים מסוימים, מפתח אפליקציה יפיץ אותה רק באמצעות F-Droid ([Gadgetbridge](https://gadgetbridge.org/) היא דוגמה אחת לכך). אם אתה באמת צריך אפליקציה כזו, אנו ממליצים להשתמש בלקוח החדש יותר [F-Droid Basic](https://f-droid.org/en/packages/org.fdroid.basic/) במקום ב-F-Droid המקורי אפליקציה כדי להשיג אותו. F-Droid Basic יכול לבצע עדכונים ללא השגחה ללא הרחבה או שורש מורשים, ויש לו מערך תכונות מופחת (הגבלת משטח ההתקפה).
## קריטריונים
diff --git a/i18n/he/basics/common-threats.md b/i18n/he/basics/common-threats.md
index fad4813f..780df524 100644
--- a/i18n/he/basics/common-threats.md
+++ b/i18n/he/basics/common-threats.md
@@ -39,7 +39,7 @@ description: מודל האיום שלך הוא אישי עבורך, אך אלו
למערכות הפעלה מובייל יש בדרך כלל ארגז חול טוב יותר לאפליקציות מאשר למערכות הפעלה שולחניות: אפליקציות אינן יכולות לקבל גישת שורש, ודורשות הרשאה לגישה למשאבי המערכת.
- מערכות הפעלה שולחניות בדרך כלל מפגרות עם ארגז חול נכון. ל-ChromeOS יש יכולות ארגז חול דומות לאנדרואיד, ול-macOS יש בקרת הרשאות מערכת מלאה (ומפתחים יכולים להצטרף לארגזי חול עבור יישומים). עם זאת, מערכות הפעלה אלו אכן משדרות מידע מזהה ליצרני ה-OEM שלהם. לינוקס נוטה לא לשלוח מידע לספקי מערכות, אך יש לה הגנה גרועה מפני ניצול ואפליקציות זדוניות. ניתן למתן את זה במידת מה עם הפצות מיוחדות שעושות שימוש משמעותי במכונות וירטואליות או קונטיינרים, כגון [Qubes OS](../../desktop/#qubes-os).
+ מערכות הפעלה שולחניות בדרך כלל מפגרות עם ארגז חול נכון. ל-ChromeOS יש יכולות ארגז חול דומות לאנדרואיד, ול-macOS יש בקרת הרשאות מערכת מלאה (ומפתחים יכולים להצטרף לארגזי חול עבור יישומים). עם זאת, מערכות הפעלה אלו אכן משדרות מידע מזהה ליצרני ה-OEM שלהם. לינוקס נוטה לא לשלוח מידע לספקי מערכות, אך יש לה הגנה גרועה מפני ניצול ואפליקציות זדוניות. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: התקפות ממוקדות
diff --git a/i18n/he/basics/vpn-overview.md b/i18n/he/basics/vpn-overview.md
index 323a4668..bb83d8d8 100644
--- a/i18n/he/basics/vpn-overview.md
+++ b/i18n/he/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: רשתות וירטואליות פרטיות מעבירות את הסיכון מספק שירותי האינטרנט שלך לצד שלישי שאתה סומך עליו. כדאי לזכור את הדברים האלה.
---
-רשתות וירטואליות פרטיות הן דרך להרחיב את הקצה של הרשת שלך ליציאה למקום אחר בעולם. ספק שירותי אינטרנט יכול לראות את זרימת תעבורת האינטרנט הנכנסת ויוצאת ממכשיר סיום הרשת שלך (כלומר מודם).
+רשתות וירטואליות פרטיות הן דרך להרחיב את הקצה של הרשת שלך ליציאה למקום אחר בעולם.
-פרוטוקולי הצפנה כגון HTTPS נמצאים בשימוש נפוץ באינטרנט, כך שהם אולי לא יוכלו לראות בדיוק מה אתה מפרסם או קורא, אבל הם יכולים לקבל מושג על [הדומיינים שאתה מבקש](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+בדרך כלל, ספק שירותי אינטרנט יכול לראות את זרימת תעבורת האינטרנט הנכנסת ויוצאת ממכשיר סיום הרשת שלך (כלומר מודם). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-VPN יכול לעזור מכיוון שהוא יכול להעביר אמון לשרת במקום אחר בעולם. כתוצאה מכך, ספק שירותי האינטרנט רואה רק שאתה מחובר ל-VPN ושום דבר לגבי הפעילות שאתה מעביר אליו.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note "הערה"
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## האם כדאי להשתמש ב - VPN?
-**כן**, אלא אם אתה כבר משתמש ב-Tor. VPN עושה שני דברים: מעביר את הסיכונים מספק שירותי האינטרנט שלך לעצמו והסתרת ה-IP שלך משירות של צד שלישי.
-
-VPNs אינם יכולים להצפין נתונים מחוץ לחיבור בין המכשיר שלך לשרת VPN. ספקי VPN יכולים לראות ולשנות את התעבורה שלך באותו אופן שבו ספק שירותי האינטרנט שלך יכול לראות. ואין דרך לאמת את מדיניות "ללא רישום" של ספק VPN בשום אופן.
-
-עם זאת, הם מסתירים את ה-IP האמיתי שלך משירות של צד שלישי, בתנאי שאין דליפות IP. הם עוזרים לך להשתלב עם אחרים ולהפחית מעקב מבוסס IP.
-
-## מתי לא כדאי להשתמש ב - VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-פעולה זו עלולה להפעיל מערכות זיהוי דואר זבל והונאות, כגון אם היית נכנס לאתר האינטרנט של הבנק שלך.
-
-## מה לגבי הצפנה?
-
-ההצפנה המוצעת על ידי ספקי VPN נמצאת בין המכשירים שלך לשרתים שלהם. זה מבטיח שהקישור הספציפי הזה מאובטח. זהו שלב עלייה משימוש בפרוקסי לא מוצפנים שבהם יריב ברשת יכול ליירט את התקשורת בין המכשירים שלך לפרוקסי האמורים ולשנות אותם. עם זאת, הצפנה בין האפליקציות או הדפדפנים שלך עם ספקי השירות אינה מטופלת על ידי הצפנה זו.
-
-על מנת לשמור על פרטיות ומאובטחת מה שאתה עושה באתרים שבהם אתה מבקר, עליך להשתמש ב-HTTPS. זה ישמור על הסיסמאות, אסימוני הפגישה והשאילתות שלך בטוחים מספק ה-VPN. שקול להפעיל "HTTPS בכל מקום" בדפדפן שלך כדי למתן התקפות שדרוג לאחור כמו [רצועת SSL](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## האם עלי להשתמש ב-DNS מוצפן עם VPN?
-
-אלא אם כן ספק ה-VPN שלך מארח את שרתי ה-DNS המוצפנים, **לא**. שימוש ב-DOH/DOT (או כל צורה אחרת של DNS מוצפן) עם שרתי צד שלישי פשוט יוסיף עוד ישויות למתן אמון ו**לא עושה כלום** לשיפור הפרטיות/אבטחתך. ספק ה-VPN שלך עדיין יכול לראות באילו אתרים אתה מבקר בהתבסס על כתובות ה-IP ושיטות אחרות. במקום לסמוך רק על ספק ה-VPN שלך, אתה בוטח כעת גם בספק ה-VPN וגם בספק ה-DNS.
-
-סיבה נפוצה להמליץ על DNS מוצפן היא שהוא עוזר נגד זיוף DNS. עם זאת, הדפדפן שלך כבר אמור לבדוק [אישורי TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) עם **HTTPS** ולהזהיר אותך לגבי זה. אם אינך משתמש ב**HTTPS**, יריב עדיין יכול פשוט לשנות כל דבר מלבד שאילתות ה-DNS שלך והתוצאה הסופית תהיה מעט שונה.
-
-מיותר לציין ש**לא כדאי להשתמש ב-DNS מוצפן עם Tor**. זה יפנה את כל בקשות ה-DNS שלך דרך מעגל יחיד ויאפשר לספק ה-DNS המוצפן לעשות לך דה-אנוניזציה.
-
-## האם עלי להשתמש ב- Tor *וגם*-VPN?
-
-על ידי שימוש ב-VPN עם Tor, אתה יוצר בעצם צומת כניסה קבוע, לעתים קרובות עם שביל כסף מחובר. זה מספק אפס יתרונות נוספים לך, תוך הגדלת משטח ההתקפה של החיבור שלך באופן דרמטי. אם אתה רוצה להסתיר את השימוש שלך ב-Tor מ-ISP שלך או מהממשלה שלך, ל-Tor יש פתרון מובנה לכך: גשרי Tor. [קרא עוד על גשרי Tor ומדוע אין צורך להשתמש ב-VPN](../advanced/tor-overview.md).
-
-## מה אם אני צריך אנונימיות?
-
-רשתות VPN לא יכולות לספק אנונימיות. ספק ה-VPN שלך עדיין יראה את כתובת ה-IP האמיתית שלך, ולעתים קרובות יש לו שובל כסף שניתן לקשר ישירות אליך. אינך יכול להסתמך על מדיניות "ללא רישום" כדי להגן על הנתונים שלך. השתמש [ב Tor](https://www.torproject.org/) במקום.
-
-## מה לגבי ספקי VPN המספקים צמתי Tor?
-
-אל תשתמש בתכונה זו. הנקודה בשימוש ב-Tor היא שאינך סומך על ספק ה-VPN שלך. נכון לעכשיו Tor תומך רק בפרוטוקול [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol). [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (בשימוש [WebRTC](https://en.wikipedia.org/wiki/WebRTC) לשיתוף קול ווידאו, פרוטוקול [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) החדש וכו'), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) וחבילות אחרות יוסרו. כדי לפצות על כך, ספקי VPN בדרך כלל ינתבו את כל החבילות שאינן TCP דרך שרת ה-VPN שלהם (הקפיצה הראשונה שלך). זה המקרה עם [ProtonVPN](https://protonvpn.com/support/tor-vpn/). בנוסף, בעת שימוש בהגדרת Tor over VPN זו, אין לך שליטה על תכונות Tor חשובות אחרות כגון [כתובת יעד מבודדת](https://www.whonix.org/wiki/Stream_Isolation) (באמצעות מעגל Tor שונה עבור כל דומיין שאתה מבקר בו).
-
-יש לראות את התכונה כדרך נוחה לגשת לרשת Tor, לא להישאר אנונימית. לאנונימיות נאותה, השתמש בדפדפן TorSocks, Tor או שער Tor.
-
-## מתי רשתות VPN שימושיות?
-
-VPN עדיין עשוי להיות שימושי עבורך במגוון תרחישים, כגון:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. הסתרת התנועה שלך **רק** מספק האינטרנט שלך.
1. הסתרת ההורדות שלך (כגון טורנטים) מספק האינטרנט שלך וארגונים נגד פיראטיות.
-1. הסתרת ה-IP שלך מאתרי אינטרנט ושירותים של צד שלישי, מניעת מעקב מבוסס IP.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-במצבים כאלה, או אם יש לך סיבה משכנעת אחרת, ספקי רשתות ה-VPN שציינו לעיל הם אלו שאנו חושבים שהם הכי אמינים. עם זאת, שימוש בספק VPN עדיין אומר שאתה *סומך* על הספק. כמעט בכל תרחיש אחר אתה אמור להשתמש בכלי מאובטח **לפי-העיצוב** כגון Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## מקורות וקריאה נוספת
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. ואין דרך לאמת את מדיניות "ללא רישום" של ספק VPN בשום אופן.
-1. [VPN - נרטיב מאוד מעורער](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) מאת Dennis Schubert
-1. [סקירה כללית של רשת Tor](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["האם אני צריך VPN?"](https://www.doineedavpn.com), כלי שפותח על ידי IVPN כדי לאתגר שיווק VPN אגרסיבי על ידי סיוע לאנשים להחליט אם VPN מתאים להם.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. פעולה זו עלולה להפעיל מערכות זיהוי דואר זבל והונאות, כגון אם היית נכנס לאתר האינטרנט של הבנק שלך.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. על מנת לשמור על פרטיות ומאובטחת מה שאתה עושה באתרים שבהם אתה מבקר, עליך להשתמש ב-HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## האם עלי להשתמש ב-DNS מוצפן עם VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. ספק ה-VPN שלך עדיין יכול לראות באילו אתרים אתה מבקר בהתבסס על כתובות ה-IP ושיטות אחרות. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. עם זאת, הדפדפן שלך כבר אמור לבדוק [אישורי TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) עם **HTTPS** ולהזהיר אותך לגבי זה. אם אינך משתמש ב**HTTPS**, יריב עדיין יכול פשוט לשנות כל דבר מלבד שאילתות ה-DNS שלך והתוצאה הסופית תהיה מעט שונה.
+
+## האם עלי להשתמש ב- Tor *וגם*-VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. כדי לפצות על כך, ספקי VPN בדרך כלל ינתבו את כל החבילות שאינן TCP דרך שרת ה-VPN שלהם (הקפיצה הראשונה שלך). זה המקרה עם [ProtonVPN](https://protonvpn.com/support/tor-vpn/). בנוסף, בעת שימוש בהגדרת Tor over VPN זו, אין לך שליטה על תכונות Tor חשובות אחרות כגון [כתובת יעד מבודדת](https://www.whonix.org/wiki/Stream_Isolation) (באמצעות מעגל Tor שונה עבור כל דומיין שאתה מבקר בו).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## מידע שקשור ל VPN
@@ -76,3 +112,4 @@ VPN עדיין עשוי להיות שימושי עבורך במגוון תרחי
- [חקירת אפליקציית VPN בחינם](https://www.top10vpn.com/free-vpn-app-investigation/)
- [בעלי VPN מוסתרים חשפו: 101 מוצרי VPN המנוהלים על ידי 23 חברות בלבד](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [החברה הסינית הזו עומדת בסתר מאחורי 24 אפליקציות פופולריות שמחפשות הרשאות מסוכנות](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - נרטיב מאוד מעורער](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) מאת Dennis Schubert
diff --git a/i18n/he/calendar.md b/i18n/he/calendar.md
index 364cb12c..2da61f14 100644
--- a/i18n/he/calendar.md
+++ b/i18n/he/calendar.md
@@ -11,21 +11,21 @@ cover: calendar.webp
!!! recommendation
- { align=right }
+ { align=right }
- **Tuta** offers a free and encrypted calendar across their supported platforms. Features include: automatic E2EE of all data, sharing features, import/export functionality, multi-factor authentication, and [more](https://tuta.com/calendar-app-comparison/).
+ **Tuta** מציעה לוח שנה בחינם ומוצפן על פני הפלטפורמות הנתמכות שלהם. התכונות כוללות: E2EE אוטומטי של כל הנתונים, תכונות שיתוף, פונקציונליות ייבוא/ייצוא, אימות רב-גורמי ו-[עוד](https://tuta.com/calendar-app-comparison/).
מספר לוחות שנה ופונקציונליות שיתוף מורחבת מוגבלים למנויים בתשלום.
- [:octicons-home-16: Homepage](https://tuta.com/calendar){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://tuta.com/privacy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://tuta.com/faq){ .card-link title=Documentation}
- [:octicons-code-16:](https://github.com/tutao/tutanota){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://tuta.com/community/){ .card-link title=Contribute }
+ [:octicons-home-16: דף הבית](https://tuta.com/calendar){ .md-button .md-button--primary }
+ [:octicons-eye-16:](https://tuta.com/privacy){ .card-link title="מדיניות הפרטיות" }
+ [:octicons-info-16:](https://tuta.com/faq){ .card-link title=תיעוד}
+ [:octicons-code-16:](https://github.com/tutao/tutanota){ .card-link title="קוד מקור" }
+ [:octicons-heart-16:](https://tuta.com/community/){ .card-link title=לתרומה }
- ??? downloads
+ ??? downloads "הורדות"
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=de.tutao.tutanota)
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=de.tutao.tutanota)
- [:simple-appstore: App Store](https://apps.apple.com/us/app/tutanota/id922429609)
- [:simple-windows11: Windows](https://tuta.com/blog/posts/desktop-clients/)
- [:simple-apple: macOS](https://tuta.com/blog/posts/desktop-clients/)
@@ -46,7 +46,7 @@ cover: calendar.webp
[:octicons-info-16:](https://proton.me/support/proton-calendar-guide){ .card-link title=תיעוד}
[:octicons-code-16:](https://github.com/ProtonMail/WebClients){ .card-link title="קוד מקור" }
- ??? downloads
+ ??? downloads "הורדות"
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=me.proton.android.calendar)
- [:simple-appstore: App Store](https://apps.apple.com/app/apple-store/id1514709943)
diff --git a/i18n/he/data-redaction.md b/i18n/he/data-redaction.md
index d9b60767..112c6b38 100644
--- a/i18n/he/data-redaction.md
+++ b/i18n/he/data-redaction.md
@@ -142,5 +142,5 @@ cover: data-redaction.webp
אנו עובדים על קביעת קריטריונים מוגדרים לכל קטע באתר שלנו, והדבר עשוי להשתנות. אם יש לך שאלות כלשהן לגבי הקריטריונים שלנו, אנא [שאל בפורום שלנו](https://discuss.privacyguides.net/latest) ואל תניח שלא שקלנו משהו כשהצענו את ההמלצות שלנו אם הוא לא רשום כאן. ישנם גורמים רבים שנחשבים ונדונים כאשר אנו ממליצים על פרויקט, ותיעוד כל אחד מהם הוא עבודה בתהליך.
-- Apps developed for open-source operating systems must be open source.
+- אפליקציות שפותחו עבור מערכות הפעלה בקוד פתוח חייבות להיות בקוד פתוח.
- יישומים חייבים להיות חינמיים ולא לכלול מודעות או מגבלות אחרות.
diff --git a/i18n/he/desktop.md b/i18n/he/desktop.md
index c678419f..373274a3 100644
--- a/i18n/he/desktop.md
+++ b/i18n/he/desktop.md
@@ -120,11 +120,9 @@ Nix הוא מנהל חבילות מבוסס מקור; אם אין מוכן מר
Whonix אמור לפעול כמו שתי מכונות וירטואליות: "תחנת עבודה" ו "שער" Tor כל התקשורת מתחנת העבודה חייבת לעבור דרך שער טור. משמעות הדבר היא כי גם אם תחנת העבודה נפגעת על ידי תוכנות זדוניות מסוג כלשהו, כתובת ה - IP האמיתית נשארת מוסתרת.
-חלק מהתכונות כוללות בידוד Tor Stream, אנונימיזציה של [הקשות](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [החלפה מוצפנת](https://github.com/Whonix/swap-file-creator), והקצאת זיכרון מוקשה.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-גירסאות עתידיות של Whonix יכללו ככל הנראה [מדיניות AppArmor מערכת מלאה](https://github.com/Whonix/apparmor-profile-everything) ו [משגר יישום ארגז חול](https://www.whonix.org/wiki/Sandbox-app-launcher) כדי להגביל באופן מלא את כל התהליכים במערכת.
-
-Whonix הוא הטוב ביותר בשימוש [בשילוב עם Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes - Whonix יש [חסרונות שונים](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) בהשוואה hypervisors אחרים.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/he/device-integrity.md b/i18n/he/device-integrity.md
new file mode 100644
index 00000000..73ba748e
--- /dev/null
+++ b/i18n/he/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: תקינות המכשיר
+icon: material/security
+description: ניתן להשתמש בכלים אלה כדי לבדוק אם המכשירים שלך נפגעו.
+cover: device-integrity.webp
+---
+
+ניתן להשתמש בכלים אלה כדי לאמת את תקינות המכשירים הניידים שלך ולבדוק אותם עבור אינדיקטורים של פשרה על ידי תוכנות ריגול ותוכנות זדוניות כגון Pegasus, Predator או KingsPawn. דף זה מתמקד ב-**אבטחת סלולר**, מכיוון שלמכשירים ניידים יש בדרך כלל מערכות לקריאה בלבד עם תצורות ידועות, כך שזיהוי שינויים זדוניים קל יותר מאשר במערכות שולחניות מסורתיות. אנו עשויים להרחיב את המיקוד של דף זה בעתיד.
+
+!!! note "זה נושא מתקדם"
+
+```
+כלים אלה עשויים לספק שימוש עבור אנשים מסוימים. הם מספקים פונקציונליות שרוב האנשים לא צריכים לדאוג לגביה, ולעתים קרובות דורשים ידע טכני מעמיק יותר כדי להשתמש ביעילות.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger "סַכָּנָה"
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning "אזהרה"
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning "אזהרה"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning "אזהרה"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/he/email-clients.md b/i18n/he/email-clients.md
index 41109e6d..05939db4 100644
--- a/i18n/he/email-clients.md
+++ b/i18n/he/email-clients.md
@@ -143,13 +143,13 @@ Canary Mail הוא קוד סגור. אנו ממליצים על זה בגלל ה
בעתיד, K-9 Mail יהיה [המותג הרשמי](https://k9mail.app/2022/06/13/K-9-Mail-and-Thunderbird.html) לקוח Thunderbird עבור אנדרואיד.
- [:octicons-home-16: Homepage](https://k9mail.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://k9mail.app/privacy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://docs.k9mail.app/){ .card-link title=Documentation}
- [:octicons-code-16:](https://github.com/thundernest/k-9){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://k9mail.app/contribute){ .card-link title=Contribute }
+ [:octicons-home-16: דף הבית](https://k9mail.app){ .md-button .md-button--primary }
+ [:octicons-eye-16:](https://k9mail.app/privacy){ .card-link title="מדיניות הפרטיות" }
+ [:octicons-info-16:](https://docs.k9mail.app/){ .card-link title=תיעוד}
+ [:octicons-code-16:](https://github.com/thundernest/k-9){ .card-link title="קוד מקור" }
+ [:octicons-heart-16:](https://k9mail.app/contribute){ .card-link title=לתרומה }
- ??? downloads
+ ??? downloads "הורדות"
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.fsck.k9)
- [:simple-github: GitHub](https://github.com/thundernest/k-9/releases)
@@ -226,7 +226,7 @@ Canary Mail הוא קוד סגור. אנו ממליצים על זה בגלל ה
### כישורים מינימליים
-- Apps developed for open-source operating systems must be open source.
+- אפליקציות שפותחו עבור מערכות הפעלה בקוד פתוח חייבות להיות בקוד פתוח.
- לא יכול לאסוף טלמטריה, או שיש דרך קלה להפוך את כל הטלמטריה ללא זמינה.
- חייב לתמוך בהצפנת הודעות OpenPGP.
@@ -234,7 +234,7 @@ Canary Mail הוא קוד סגור. אנו ממליצים על זה בגלל ה
הקריטריונים הטובים ביותר שלנו מייצגים את מה שהיינו רוצים לראות מהפרויקט המושלם בקטגוריה זו. ייתכן שההמלצות שלנו לא יכללו חלק מהפונקציונליות הזו או את כולה, אך אלו שכן כן עשויות לדרג גבוה יותר מאחרות בדף זה.
-- Should be open source.
+- צריך להיות קוד פתוח.
- צריך להיות חוצה פלטפורמות.
- אינו אוסף טלמטריה כברירת מחדל.
- צריך לתמוך ב - OpenPGP באופן מקורי, כלומר ללא הרחבות.
diff --git a/i18n/he/email.md b/i18n/he/email.md
index da307083..a42297e4 100644
--- a/i18n/he/email.md
+++ b/i18n/he/email.md
@@ -236,7 +236,7 @@ Skiff Mail אינו מציע תכונה דיגיטלית מדור קודם.
- [:simple-linux: Linux](https://tuta.com/#download)
- [:octicons-browser-16: Web](https://app.tuta.com/)
-Tuta doesn't support the [IMAP protocol](https://tuta.com/faq/#imap) or the use of third-party [email clients](email-clients.md), and you also won't be able to add [external email accounts](https://github.com/tutao/tutanota/issues/544#issuecomment-670473647) to the Tuta app. Neither [Email import](https://github.com/tutao/tutanota/issues/630) or [subfolders](https://github.com/tutao/tutanota/issues/927) are currently supported, though this is [due to be changed](https://tuta.com/blog/posts/kickoff-import). Emails can be exported [individually or by bulk selection](https://tuta.com/howto#generalMail) per folder, which may be inconvenient if you have many folders.
+Tuta אינו תומך ב[פרוטוקול IMAP](https://tuta.com/faq/#imap) או בשימוש ב[ של צד שלישי לקוחות אימייל](email-clients.md), וגם לא תוכל להוסיף [חשבונות אימייל חיצוניים](https://github.com/tutao/tutanota/issues/544#issuecomment-670473647) לאפליקציית Tuta. Neither [Email import](https://github.com/tutao/tutanota/issues/630) or [subfolders](https://github.com/tutao/tutanota/issues/927) are currently supported, though this is [due to be changed](https://tuta.com/blog/posts/kickoff-import). Emails can be exported [individually or by bulk selection](https://tuta.com/howto#generalMail) per folder, which may be inconvenient if you have many folders.
#### :material-check:{ .pg-green } דומיינים וכינויים מותאמים אישית
@@ -260,15 +260,15 @@ Tuta [does not use OpenPGP](https://tuta.com/support/#pgp). Tuta accounts can on
#### :material-information-outline:{ .pg-blue } סגירת חשבון
-Tuta will [delete inactive free accounts](https://tuta.com/faq#inactive-accounts) after six months. אם ברצונך לשלם, באפשרותך להשתמש שוב בחשבון חינמי שהושבת.
+Tuta [ימחק חשבונות בחינם לא פעילים](https://tuta.com/faq#inactive-accounts) לאחר שישה חודשים. אם ברצונך לשלם, באפשרותך להשתמש שוב בחשבון חינמי שהושבת.
#### :material-information-outline:{ .pg-blue } פונקציונליות נוספת
-Tuta offers the business version of [Tuta to non-profit organizations](https://tuta.com/blog/posts/secure-email-for-non-profit) for free or with a heavy discount.
+Tuta מציעה את הגרסה העסקית של [Tuta לארגונים ללא מטרות רווח](https://tuta.com/blog/posts/secure-email-for-non-profit) בחינם או בהנחה כבדה.
-Tuta also has a business feature called [Secure Connect](https://tuta.com/secure-connect/). זה מבטיח שיצירת קשר עם הלקוח לעסק משתמשת ב- E2EE. התכונה עולה 240 אירו לשנה.
+ל-Tuta יש גם תכונה עסקית בשם [חיבור מאובטח](https://tuta.com/secure-connect/). זה מבטיח שיצירת קשר עם הלקוח לעסק משתמשת ב- E2EE. התכונה עולה 240 אירו לשנה.
-Tuta doesn't offer a digital legacy feature.
+Tuta אינו מציע תכונה מורשת דיגיטלית.
## שירותי כינוי דוא"ל
@@ -494,7 +494,7 @@ SimpleLogin [נרכשה על ידי Proton AG](https://proton.me/news/proton-and
- טענות של "הצפנה בלתי שבירה " יש להשתמש בהצפנה מתוך כוונה שהיא לא תהיה סודית בעתיד כאשר הטכנולוגיה קיימת כדי לפצח אותה.
- ביצוע ערבויות של הגנה על 100% אנונימיות. כשמישהו טוען שמשהו הוא 100% זה אומר שאין ודאות לכישלון. אנחנו יודעים שאנשים יכולים בקלות להפוך את עצמם לאיאנונימיים במספר דרכים, למשל.:
- - Reusing personal information e.g. (email accounts, unique pseudonyms, etc.) that they accessed without anonymity software (Tor, VPN, etc.)
+ - שימוש חוזר במידע אישי, למשל. (חשבונות אימיילים, שמות בדויים ייחודיים וכו') שאליהם הם ניגשו ללא תוכנת אנונימיות (Tor, VPN וכו')
- [טביעת אצבע של דפדפן](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint)
**המקרה הטוב ביותר:**
diff --git a/i18n/he/encryption.md b/i18n/he/encryption.md
index 2632cf40..abb8f3b7 100644
--- a/i18n/he/encryption.md
+++ b/i18n/he/encryption.md
@@ -88,7 +88,7 @@ Truecrypt [נבדק מספר פעמים](https://en.wikipedia.org/wiki/TrueCrypt
## הצפנת דיסק מלא של מערכת ההפעלה
-For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
+להצפנת הכונן שמערכת ההפעלה שלך מאתחלת ממנו, אנו ממליצים בדרך כלל להפעיל את תוכנת ההצפנה שמגיעה עם מערכת ההפעלה שלך במקום להשתמש בכלי של צד שלישי. הסיבה לכך היא שכלי ההצפנה המקוריים של מערכת ההפעלה שלך עושים לעתים קרובות שימוש בתכונות ספציפיות למערכת ההפעלה ולחומרה כמו [מעבד ההצפנה המאובטח](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) במכשיר שלך כדי להגן על המחשב שלך מפני התקפות פיזיות מתקדמות יותר. עבור כוננים משניים וכוננים חיצוניים שאתה *אינך* מאתחל מהם, אנו עדיין ממליצים להשתמש בכלי קוד פתוח כמו [VeraCrypt](#veracrypt-disk) על הכלים שלהלן, מכיוון שהם מציעים גמישות נוספת ומאפשרים לך להימנע מנעילת ספקים.
### BitLocker
@@ -96,7 +96,7 @@ For encrypting the drive your operating system boots from, we generally recommen
{ align=right }
- **BitLocker** הוא פתרון ההצפנה המלא המצורף ל-Microsoft Windows. The main reason we recommend it for encrypting your boot drive is because of its [use of TPM](https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/how-windows-uses-the-tpm). ElcomSoft, a forensics company, has written about this feature in [Understanding BitLocker TPM Protection](https://blog.elcomsoft.com/2021/01/understanding-BitLocker-tpm-protection/).
+ **BitLocker** הוא פתרון ההצפנה המלא המצורף ל-Microsoft Windows. הסיבה העיקרית שאנו ממליצים עליה להצפנת כונן האתחול שלך היא בגלל [השימוש ב-TPM](https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/how-windows-uses-the-tpm). ElcomSoft, חברה לזיהוי פלילי, כתבה על תכונה זו ב-[הבנת BitLocker TPM Protection](https://blog.elcomsoft.com/2021/01/understanding-BitLocker-tpm-protection/).
[:octicons-info-16:](https://docs.microsoft.com/en-us/windows/security/information-protection/BitLocker/BitLocker-overview){ .card-link title=תיעוד}
@@ -104,7 +104,7 @@ BitLocker [ נתמך רק](https://support.microsoft.com/en-us/windows/turn-on-d
??? example "הפעלת BitLocker ב-Windows Home""
- כדי להפעיל את BitLocker במהדורות "בית" של Windows, חייבות להיות לך מחיצות מעוצבות עם [טבלת מחיצות GUID](https://en.wikipedia.org/wiki/GUID_Partition_Table) ובעלות TPM ייעודי (v1.2, 2.0+) מודול. You may need to [disable the non-Bitlocker "Device encryption" functionality](https://discuss.privacyguides.net/t/enabling-bitlocker-on-the-windows-11-home-edition/13303/5) (which is inferior because it sends your recovery key to Microsoft's servers) if it is enabled on your device already before following this guide.
+ כדי להפעיל את BitLocker במהדורות "בית" של Windows, חייבות להיות לך מחיצות מעוצבות עם [טבלת מחיצות GUID](https://en.wikipedia.org/wiki/GUID_Partition_Table) ובעלות TPM ייעודי (v1.2, 2.0+) מודול. ייתכן שיהיה עליך [להשבית את הפונקציונליות של "הצפנת מכשיר" שאינה של Bitlocker](https://discuss.privacyguides.net/t/enabling-bitlocker-on-the-windows-11-home-edition/13303/5) ( שהוא נחות מכיוון שהוא שולח את מפתח השחזור שלך לשרתים של מיקרוסופט) אם הוא מופעל במכשיר שלך כבר לפני ביצוע המדריך הזה.
1. פתח שורת פקודה ובדוק את תבנית טבלת המחיצות של הכונן באמצעות הפקודה הבאה. אתה אמור לראות את "**GPT**" ברשימה תחת "סגנון מחיצה":
@@ -346,7 +346,7 @@ BitLocker [ נתמך רק](https://support.microsoft.com/en-us/windows/turn-on-d
### כישורים מינימליים
-- Cross-platform encryption apps must be open source.
+- אפליקציות הצפנה חוצות פלטפורמות חייבות להיות בקוד פתוח.
- אפליקציות להצפנת קבצים חייבות לתמוך בפענוח ב-Linux, macOS ו-Windows.
- אפליקציות להצפנת דיסק חיצוני חייבות לתמוך בפענוח ב-Linux, macOS ו-Windows.
- אפליקציות להצפנת דיסק פנימי (OS) חייבות להיות חוצות פלטפורמות או מובנות במערכת ההפעלה באופן מקורי.
diff --git a/i18n/he/financial-services.md b/i18n/he/financial-services.md
index 8567615d..95096312 100644
--- a/i18n/he/financial-services.md
+++ b/i18n/he/financial-services.md
@@ -44,7 +44,7 @@ Privacy.com מספק מידע על הסוחרים מהם אתה רוכש לבנ
[:octicons-eye-16:](https://anonyome.com/privacy-policy/){ .card-link title="מדיניות פרטיות" }
[:octicons-info-16:](https://support.mysudo.com/hc/en-us){ .card-link title=תיעוד}
-MySudo's virtual cards are currently only available via their iOS app.
+הכרטיסים הווירטואליים של MySudo זמינים כרגע רק דרך אפליקציית iOS שלהם.
### קריטריונים
diff --git a/i18n/he/frontends.md b/i18n/he/frontends.md
index 072f127f..bbe3f4ca 100644
--- a/i18n/he/frontends.md
+++ b/i18n/he/frontends.md
@@ -39,9 +39,9 @@ cover: frontends.webp
!!! recommendation
- { align=right }
+ { align=right }
- **ProxiTok** is an open-source frontend to the [TikTok](https://www.tiktok.com) website that is also self-hostable.
+ **ProxiTok** הוא חזית קוד פתוח לאתר [TikTok](https://www.tiktok.com) שהוא גם מארח עצמי.
ישנם מספר מופעים ציבוריים, כאשר בחלק מהמקרים יש תמיכה בשירותי בצל [Tor](https://www.torproject.org).
diff --git a/i18n/he/multi-factor-authentication.md b/i18n/he/multi-factor-authentication.md
index a19f3847..f9be45d6 100644
--- a/i18n/he/multi-factor-authentication.md
+++ b/i18n/he/multi-factor-authentication.md
@@ -23,12 +23,12 @@ cover: multi-factor-authentication.webp
[טבלת ההשוואה](https://www.yubico.com/store/compare/) מציגה את התכונות ואת אופן ההשוואה של YubiKeys. אנו ממליצים בחום לבחור במפתחות מסדרת YubiKey 5.
-ניתן לתכנת את [YubiKey מנהל](https://www.yubico.com/support/download/yubikey-manager/) או [YubiKey כלי התאמה אישית](https://www.yubico.com/support/download/yubikey-personalization-tools/). לניהול קודי TOTP, תוכל להשתמש ב - [Yubico Authenticator](https://www.yubico.com/products/yubico-authenticator/). All of Yubico's clients are open source.
+ניתן לתכנת את [YubiKey מנהל](https://www.yubico.com/support/download/yubikey-manager/) או [YubiKey כלי התאמה אישית](https://www.yubico.com/support/download/yubikey-personalization-tools/). לניהול קודי TOTP, תוכל להשתמש ב - [Yubico Authenticator](https://www.yubico.com/products/yubico-authenticator/). כל הלקוחות של Yubico הם קוד פתוח.
עבור דגמים התומכים ב - HOTP וב - TOTP, ישנם 2 חריצים בממשק ה - OTP שניתן להשתמש בהם עבור HOTP ו -32 חריצים לאחסון סודות TOTP. סודות אלה מאוחסנים מוצפנים על המפתח ואף פעם לא לחשוף אותם למכשירים הם מחוברים. ברגע שזרע (סוד משותף) ניתן למאמת Yubico, הוא ייתן רק את הקודים בני שש הספרות, אך לעולם לא את הזרע. מודל אבטחה זה עוזר להגביל את מה שתוקף יכול לעשות אם הוא מסכן את אחד המכשירים המריצים את המאמת של Yubico והופך את ה - YubiKey לעמיד בפני תוקף פיזי.
-!!! warning
- The firmware of YubiKey is not open source and is not updatable. אם אתה רוצה תכונות בגרסאות קושחה חדשות יותר, או אם ישנה פגיעות בגרסת הקושחה שבה אתה משתמש, תצטרך לרכוש מפתח חדש.
+!!! warning "אזהרה"
+ הקושחה של YubiKey אינה קוד פתוח ואינה ניתנת לעדכון. אם אתה רוצה תכונות בגרסאות קושחה חדשות יותר, או אם ישנה פגיעות בגרסת הקושחה שבה אתה משתמש, תצטרך לרכוש מפתח חדש.
### Nitrokey
@@ -58,7 +58,7 @@ cover: multi-factor-authentication.webp
ה-Nitrokey Pro 2, Nitrokey Storage 2 וה-Nitrokey 3 הקרובים תומכים באימות שלמות המערכת עבור מחשבים ניידים עם קושחת [Coreboot](https://www.coreboot.org/) + [Heads](https://osresearch.net/).
-Nitrokey's firmware is open source, unlike the YubiKey. הקושחה בדגמי NitroKey המודרניים (למעט ה**NitroKey Pro 2**) ניתנת לעדכון.
+הקושחה של Nitrokey היא קוד פתוח, שלא כמו YubiKey. הקושחה בדגמי NitroKey המודרניים (למעט ה**NitroKey Pro 2**) ניתנת לעדכון.
### קריטריונים
@@ -94,15 +94,15 @@ Nitrokey's firmware is open source, unlike the YubiKey. הקושחה בדגמי
!!! recommendation
- { align=right }
+ { align=right }
- **ente Auth** is a free and open-source app which stores and generates TOTP tokens on your mobile device. It can be used with an online account to backup and sync your tokens across your devices (and access them via a web interface) in a secure, end-to-end encrypted fashion. It can also be used offline on a single device with no account necessary.
+ **ente Auth** היא אפליקציה חינמית וקוד פתוח המאחסנת ויוצרת אסימוני TOTP במכשיר הנייד שלך. ניתן להשתמש בו עם חשבון מקוון כדי לגבות ולסנכרן את האסימונים שלך בין המכשירים שלך (ולגשת אליהם דרך ממשק אינטרנט) בצורה מאובטחת ומוצפנת מקצה לקצה. ניתן להשתמש בו גם במצב לא מקוון במכשיר בודד ללא צורך בחשבון.
- [:octicons-home-16: Homepage](https://ente.io/auth){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://ente.io/privacy){ .card-link title="Privacy Policy" }
- [:octicons-code-16:](https://github.com/ente-io/auth){ .card-link title="Source Code" }
+ [:octicons-home-16: דף הבית](https://ente.io/auth){ .md-button .md-button--primary }
+ [:octicons-eye-16:](https://ente.io/privacy){ .card-link title="מדיניות הפרטיות" }
+ [:octicons-code-16:](https://github.com/ente-io/auth){ .card-link title="קוד מקור" }
- ??? downloads
+ ??? downloads "הורדות"
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=io.ente.auth)
- [:simple-appstore: App Store](https://apps.apple.com/us/app/ente-authenticator/id6444121398)
@@ -113,9 +113,9 @@ Nitrokey's firmware is open source, unlike the YubiKey. הקושחה בדגמי
!!! recommendation
- { align=right }
+ { align=right }
- **Aegis Authenticator** is a free and open-source app for Android to manage your 2-step verification tokens for your online services. Aegis Authenticator operates completely offline/locally, but includes the option to export your tokens for backup unlike many alternatives.
+ **Aegis Authenticator** היא אפליקציה חינמית וקוד פתוח עבור אנדרואיד לניהול אסימוני האימות הדו-שלביים שלך עבור השירותים המקוונים שלך. Aegis Authenticator פועל באופן לא מקוון/מקומי לחלוטין, אך כולל אפשרות לייצא את האסימונים שלך לגיבוי בניגוד לחלופות רבות.
[:octicons-home-16: דף הבית](https://getaegis.app){ .md-button .md-button--primary }
[:octicons-eye-16:](https://getaegis.app/aegis/privacy.html){ .card-link title="מדיניות פרטיות" }
diff --git a/i18n/he/news-aggregators.md b/i18n/he/news-aggregators.md
index bee9b231..0fd485f0 100644
--- a/i18n/he/news-aggregators.md
+++ b/i18n/he/news-aggregators.md
@@ -35,9 +35,9 @@ cover: news-aggregators.webp
**Feeder** הוא קליינט RSS מודרני עבור אנדרואיד שיש לו רבים [features](https://gitlab.com/spacecowboy/Feeder#features) ועובד היטב עם תיקיות של הזנות RSS. הוא תומך ב [RSS](https://en.wikipedia.org/wiki/RSS), [Atom](https://en.wikipedia.org/wiki/Atom_(Web_standard)), [RDF](https://en.wikipedia.org/wiki/RDF%2FXML) and [JSON Feed](https://en.wikipedia.org/wiki/JSON_Feed).
- [:octicons-repo-16: Repository](https://github.com/spacecowboy/Feeder){ .md-button .md-button--primary }
- [:octicons-code-16:](https://github.com/spacecowboy/Feeder){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://ko-fi.com/spacecowboy){ .card-link title=Contribute }
+ [:octicons-repo-16: מאגר](https://github.com/spacecowboy/Feeder){ .md-button .md-button--primary }
+ [:octicons-code-16:](https://github.com/spacecowboy/Feeder){ .card-link title="קוד מקור" }
+ [:octicons-heart-16:](https://ko-fi.com/spacecowboy){ .card-link title=לתרומה }
??? downloads "הורדות"
diff --git a/i18n/he/os/android-overview.md b/i18n/he/os/android-overview.md
index 00cee0a7..070b46de 100644
--- a/i18n/he/os/android-overview.md
+++ b/i18n/he/os/android-overview.md
@@ -12,7 +12,7 @@ description: אנדרואיד היא מערכת הפעלה בקוד פתוח ע
### בחירת הפצת אנדרואיד
-When you buy an Android phone, the device's default operating system often comes with invasive integration with apps and services that are not part of the [Android Open Source Project](https://source.android.com/). דוגמה כזו היא שירותי Google Play, שיש לו הרשאות בלתי חוזרות לגשת לקבצים שלך, אחסון אנשי הקשר, יומני שיחות, הודעות SMS, מיקום, מצלמה, מיקרופון, מזהי חומרה וכו'. אפליקציות ושירותים אלו מגדילים את משטח ההתקפה של המכשיר שלך ומהווים מקור לחששות פרטיות שונים עם אנדרואיד.
+כאשר אתה קונה טלפון אנדרואיד, מערכת ההפעלה המוגדרת כברירת מחדל של המכשיר מגיעה לרוב עם אינטגרציה פולשנית עם אפליקציות ושירותים שאינם חלק מ[פרויקט הקוד הפתוח של אנדרואיד](https://source.android.com/). דוגמה כזו היא שירותי Google Play, שיש לו הרשאות בלתי חוזרות לגשת לקבצים שלך, אחסון אנשי הקשר, יומני שיחות, הודעות SMS, מיקום, מצלמה, מיקרופון, מזהי חומרה וכו'. אפליקציות ושירותים אלו מגדילים את משטח ההתקפה של המכשיר שלך ומהווים מקור לחששות פרטיות שונים עם אנדרואיד.
ניתן לפתור בעיה זו באמצעות הפצת אנדרואיד מותאמת אישית שאינה מגיעה עם אינטגרציה פולשנית כזו. לרוע המזל, הפצות רבות של אנדרואיד מותאמות אישית מפרות לעתים קרובות את מודל האבטחה של אנדרואיד בכך שאינן תומכות בתכונות אבטחה קריטיות כגון AVB, הגנה לאחור, עדכוני קושחה וכן הלאה. חלק מההפצות מספקות גם רכיבי [`userdebug`](https://source.android.com/setup/build/building#choose-a-target) אשר חושפים שורש באמצעות [ADB](https://developer.android.com/studio/command-line/adb) ודורשים [מדיניות](https://github.com/LineageOS/android_system_sepolicy/search?q=userdebug&type=code) SELinux מתירנית יותר כדי להתאים לתכונות ניפוי באגים, וכתוצאה מכך משטח התקפה מוגדל נוסף ומודל אבטחה מוחלש.
diff --git a/i18n/he/os/ios-overview.md b/i18n/he/os/ios-overview.md
index ec275e18..f01155a5 100644
--- a/i18n/he/os/ios-overview.md
+++ b/i18n/he/os/ios-overview.md
@@ -24,7 +24,7 @@ description: iOS היא מערכת הפעלה ניידת שפותחה על יד
לאפל היו בעבר בעיות עם אנונימיזציה נכונה של הטלמטריה שלהם ב-iOS. [בשנת 2019](https://www.theguardian.com/technology/2019/jul/26/apple-contractors-regularly-hear-confidential-details-on-siri-recordings), אפל נמצאה משדרת הקלטות Siri - חלקן מכילות מידע סודי ביותר - לשרתים שלהן לבדיקה ידנית על ידי קבלני צד שלישי. בזמן שהם הפסיקו זמנית את התוכנית הזו אחרי האימון הזה היה [דיווח נרחב על](https://www.theverge.com/2019/8/23/20830120/apple-contractors-siri-recordings-listening-1000-a-day-globetech-microsoft-cortana), הבעיה לא נפתרה לחלוטין [עד 2021](https://www.theguardian.com/technology/2021/jun/07/apple-overhauls-siri-to-address-privacy-concerns-and-improve-performance).
-More recently, Apple has been found to [transmit analytics even when analytics sharing is disabled](https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558) on iOS, and this data [appears](https://twitter.com/mysk_co/status/1594515229915979776) to be easily linked to unique iCloud account identifiers despite supposedly being anonymous.
+לאחרונה, נמצאה שאפל [משדרת ניתוח נתונים גם כאשר שיתוף הניתוח מושבת ](https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558) ב-iOS, והנתונים האלה [נראה](https://twitter.com/mysk_co/status/1594515229915979776) מקושרים בקלות למזהים ייחודיים של חשבון iCloud למרות שהם כביכול אנונימיים.
## תצורה מומלצת
diff --git a/i18n/he/os/macos-overview.md b/i18n/he/os/macos-overview.md
index c0f317e5..3b2caccf 100644
--- a/i18n/he/os/macos-overview.md
+++ b/i18n/he/os/macos-overview.md
@@ -134,21 +134,21 @@ macOS מבצעת בדיקות מקוונות כאשר אתה פותח אפליק
### כתובת MAC אקראית
-macOS uses a randomized MAC address when performing Wi-Fi scans while disconnected from a network. However, when you connect to a preferred Wi-Fi network, the MAC address used is never randomized. Full MAC address randomization is an advanced topic, and most people don't need to worry about performing the following steps.
+macOS משתמש בכתובת MAC אקראית בעת ביצוע סריקות Wi-Fi בזמן ניתוק מרשת. עם זאת, כאשר אתה מתחבר לרשת Wi-Fi מועדפת, כתובת ה-MAC המשמשת לעולם אינה אקראית. אקראיות מלאה של כתובות MAC היא נושא מתקדם, ורוב האנשים לא צריכים לדאוג לגבי ביצוע השלבים הבאים.
-Unlike iOS, macOS doesn't give you an option to randomize your MAC address in the settings, so if you wish to change this identifier, you'll need to do it with a command or a script. To set a random MAC address, first disconnect from the network if you're already connected, then open **Terminal** and enter this command to randomize your MAC address:
+בניגוד ל-iOS, macOS לא נותן לך אפשרות לעשות אקראי את כתובת ה-MAC שלך בהגדרות, כך שאם תרצה לשנות מזהה זה, תצטרך לעשות זאת עם פקודה או סקריפט. כדי להגדיר כתובת MAC אקראית, ראשית התנתק מהרשת אם אתה כבר מחובר, ואז פתח את **Terminal** והזן פקודה זו כדי להפוך את כתובת ה-MAC שלך באקראי:
``` zsh
openssl rand -hex 6 | sed 's/^\(.\{1\}\)./\12/; s/\(..\)/\1:/g; s/.$//' | xargs sudo ifconfig en0 ether
```
-`en0` is the name of the interface you're changing the MAC address for. ייתכן שזה לא המתאים בכל Mac, אז כדי לבדוק אתה יכול להחזיק את מקש האפשרות וללחוץ על סמל ה- Wi-Fi בפינה השמאלית העליונה של המסך. "Interface name" should be displayed at the top of the dropdown menu.
+`en0` הוא שם הממשק שעבורו אתה משנה את כתובת ה-MAC. ייתכן שזה לא המתאים בכל Mac, אז כדי לבדוק אתה יכול להחזיק את מקש האפשרות וללחוץ על סמל ה- Wi-Fi בפינה השמאלית העליונה של המסך. "שם ממשק" אמור להיות מוצג בחלק העליון של התפריט הנפתח.
-This command sets your MAC address to a randomized, "locally administered" address, matching the behavior of iOS, Windows, and Android's MAC address randomization features. This means that every character in the MAC address is fully randomized except the second character, which denotes the MAC address as *locally administered* and not in conflict with any actual hardware. This method is most compatible with modern networks. An alternative method is to set the first six characters of the MAC address to one of Apple's existing *Organizational Unique Identifiers*, which we'll leave as an exercise to the reader. That method is more likely to conflict with some networks, but may be less noticeable. Given the prevalence of randomized, locally administered MAC addresses in other modern operating systems, we don't think either method has significant privacy advantages over the other.
+פקודה זו מגדירה את כתובת ה-MAC שלך לכתובת אקראית, "מנוהלת מקומית", התואמת את ההתנהגות של תכונות האקראיות של כתובות MAC של iOS, Windows ו-Android. משמעות הדבר היא שכל תו בכתובת ה-MAC הוא אקראי לחלוטין מלבד התו השני, המציין את כתובת ה-MAC כ*מנוהלת מקומית* ואינה מתנגשת עם חומרה ממשית כלשהי. שיטה זו מתאימה ביותר לרשתות מודרניות. שיטה חלופית היא להגדיר את ששת התווים הראשונים של כתובת ה-MAC לאחד מ*מזהים ייחודיים ארגוניים* הקיימים של אפל, אותם נשאיר כתרגיל לקורא. סביר יותר ששיטה זו תתנגש עם רשתות מסוימות, אך עשויה להיות פחות בולטת. בהתחשב בשכיחותן של כתובות MAC אקראיות המנוהלות מקומית במערכות הפעלה מודרניות אחרות, איננו חושבים שלכל אחת מהשיטות יש יתרונות פרטיות משמעותיים על פני האחרת.
-When you connect to the network again, you'll connect with a random MAC address. זה יאופס עם אתחול מחדש.
+כאשר תתחבר שוב לרשת, תתחבר עם כתובת MAC אקראית. זה יאופס עם אתחול מחדש.
-Your MAC address is not the only unique information about your device which is broadcast on the network, your hostname is another piece of information which could uniquely identify you. You may wish to set your hostname to something generic like "MacBook Air", "Laptop", "John's MacBook Pro", or "iPhone" in **System Settings** > **General** > **Sharing**. Some [privacy scripts](https://github.com/sunknudsen/privacy-guides/tree/master/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos#guide) allow you to easily generate hostnames with random names.
+כתובת ה-MAC שלך היא לא המידע הייחודי היחיד על המכשיר שלך המשודר ברשת, שם המארח שלך הוא עוד פיסת מידע שיכולה לזהות אותך באופן ייחודי. ייתכן שתרצה להגדיר את שם המארח שלך למשהו כללי כמו "MacBook Air", "Laptop", "John's MacBook Pro" או "iPhone" ב**הגדרות מערכת** > **כללי** > **שיתוף**. כמה [סקריפטים של פרטיות](https://github.com/sunknudsen/privacy-guides/tree/master/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos#guide) מאפשרים לך ליצור בקלות שמות מארח עם שמות אקראיים.
## הגנות אבטחה
diff --git a/i18n/he/os/qubes-overview.md b/i18n/he/os/qubes-overview.md
index ad07a0c7..95b03594 100644
--- a/i18n/he/os/qubes-overview.md
+++ b/i18n/he/os/qubes-overview.md
@@ -49,6 +49,22 @@ Qubes OS משתמשת ב-[דום0](https://wiki.xenproject.org/wiki/Dom0)Xen VM
[מסגרת qrexec](https://www.qubes-os.org/doc/qrexec/) היא חלק מרכזי ב-Qubes המאפשר תקשורת בין דומיינים. הוא בנוי על גבי ספריית Xen *vchan*, המאפשרת [בידוד באמצעות מדיניות](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## מקורות נוספים
למידע נוסף, אנו ממליצים לך לעיין בדפי התיעוד הנרחבים של Qubes OS הממוקמים ב[אתר האינטרנט של Qubes OS](https://www.qubes-os.org/doc/). ניתן להוריד עותקים לא מקוונים מ[מאגר התיעוד](https://github.com/QubesOS/qubes-doc) של Qubes OS.
diff --git a/i18n/he/search-engines.md b/i18n/he/search-engines.md
index 4b256e4d..4d1063b1 100644
--- a/i18n/he/search-engines.md
+++ b/i18n/he/search-engines.md
@@ -72,10 +72,10 @@ SearXNG הוא פרוקסי בינך לבין מנועי החיפוש שמהם
!!! recommendation
- { align=right }
- { align=right }
+ { align=right }
+ { align=right }
- **Startpage** is a private search engine known for serving [Google and Bing](https://support.startpage.com/hc/en-us/articles/4522435533844-What-is-the-relationship-between-Startpage-and-your-search-partners-like-Google-and-Microsoft-Bing-) search results. אחת התכונות הייחודיות של Startpage היא [תצוגה אנונימית](https://www.startpage.com/en/anonymous-view/), שמשקיעה מאמצים בסטנדרטיזציה של פעילות המשתמשים כדי להקשות על זיהוי ייחודי. התכונה יכולה להיות שימושית להסתרת [some](https://support.startpage.com/hc/en-us/articles/4455540212116-The-Anonymous-View-Proxy-technical-details) מאפייני הרשת והדפדפן. שלא כמו שהשם מרמז, אין להסתמך על התכונה לאנונימיות. אם אתה מחפש אנונימיות, השתמש במקום זאת ב [Tor Browser]( tor.md#tor - browser).
+ **Startpage** הוא מנוע חיפוש פרטי הידוע בשירות [Google ו-Bing](https://support.startpage.com/hc/en-us/articles/4522435533844-What-is-the-relationship-between-Startpage -and-your-search-partners-like-Google-and-Microsoft-Bing-) תוצאות החיפוש. אחת התכונות הייחודיות של Startpage היא [תצוגה אנונימית](https://www.startpage.com/en/anonymous-view/), שמשקיעה מאמצים בסטנדרטיזציה של פעילות המשתמשים כדי להקשות על זיהוי ייחודי. התכונה יכולה להיות שימושית להסתרת [some](https://support.startpage.com/hc/en-us/articles/4455540212116-The-Anonymous-View-Proxy-technical-details) מאפייני הרשת והדפדפן. שלא כמו שהשם מרמז, אין להסתמך על התכונה לאנונימיות. אם אתה מחפש אנונימיות, השתמש במקום זאת ב [Tor Browser]( tor.md#tor - browser).
[:octicons-home-16: דף הבית](https://www.startpage.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://www.startpage.com/en/privacy-policy){ .card-link title="מדיניות פרטיות" }
diff --git a/i18n/he/tools.md b/i18n/he/tools.md
index 67a967fc..90d5fea9 100644
--- a/i18n/he/tools.md
+++ b/i18n/he/tools.md
@@ -17,10 +17,10 @@ description: Privacy Guides הוא האתר השקוף והאמין ביותר
-- { .twemoji } [Tor Browser](tor.md#tor-browser)
-- { .twemoji } [Orbot (Smartphone Tor Proxy)](tor.md#orbot)
-- { .twemoji } [Onion Browser (Tor for iOS)](tor.md#onion-browser)
-- { .twemoji }{ .twemoji } [Snowflake](tor.md#snowflake) (1)
+- { .twemoji } [Tor Browser](tor.md#tor-browser)
+- { .twemoji } [Orbot (Smartphone Tor Proxy)](tor.md#orbot)
+- { .twemoji } [Onion Browser (Tor for iOS)](tor.md#onion-browser)
+- { .twemoji }{ .twemoji } [Snowflake](tor.md#snowflake) (1)
@@ -118,10 +118,10 @@ description: Privacy Guides הוא האתר השקוף והאמין ביותר
-- { .twemoji } [Proton Mail](email.md#proton-mail)
-- { .twemoji } [Mailbox.org](email.md#mailboxorg)
-- { .twemoji } [Skiff Mail](email.md#skiff-mail)
-- { .twemoji } [Tuta](email.md#tuta)
+- { .twemoji } [Proton Mail](email.md#proton-mail)
+- { .twemoji } [Mailbox.org](email.md#mailboxorg)
+- { .twemoji } [Skiff Mail](email.md#skiff-mail)
+- { .twemoji } [Tuta](email.md#tuta)
@@ -157,6 +157,7 @@ description: Privacy Guides הוא האתר השקוף והאמין ביותר
{ .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[למד עוד :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -212,8 +213,8 @@ description: Privacy Guides הוא האתר השקוף והאמין ביותר
-- { .twemoji } [Tuta](calendar.md#tuta)
-- { .twemoji } [Proton Calendar](calendar.md#proton-calendar)
+- { .twemoji } [Tuta](calendar.md#tuta)
+- { .twemoji } [Proton Calendar](calendar.md#proton-calendar)
@@ -432,7 +433,6 @@ description: Privacy Guides הוא האתר השקוף והאמין ביותר
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ description: Privacy Guides הוא האתר השקוף והאמין ביותר
[למד עוד :material-arrow-right-drop-circle:](router.md)
+
+## כלים מתקדמים
+
+כלים אלה עשויים לספק שימוש עבור אנשים מסוימים. הם מספקים פונקציונליות שרוב האנשים לא צריכים לדאוג לגביה, ולעתים קרובות דורשים ידע טכני מעמיק יותר כדי לנצל ביעילות.
+
+### אימות תקינות המכשיר
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[למד עוד :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/he/tor.md b/i18n/he/tor.md
index d2a8c5aa..64581986 100644
--- a/i18n/he/tor.md
+++ b/i18n/he/tor.md
@@ -39,7 +39,15 @@ Tor פועלת על ידי ניתוב תעבורת האינטרנט שלך דר
## התחברות ל - Tor
-ישנן מגוון דרכים שלך להתחבר לרשת Tor מהמכשיר, הנפוץ ביותר הוא דפדפן **Tor**, נגזרת של Firefox המיועד לגלישה אנונימית למחשבים שולחניים ואנדרואיד. בנוסף לאפליקציות המפורטות למטה, יש גם מערכות הפעלה שתוכננו במיוחד להתחבר לרשת Tor כגון [Whonix](desktop.md#whonix) ב-[Qubes OS](desktop.md#qubes-os), המספקות אבטחה והגנות גבוהות עוד יותר מאשר דפדפן Tor הרגיל.
+!!! tip "טיפ"
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+ישנן מגוון דרכים שלך להתחבר לרשת Tor מהמכשיר, הנפוץ ביותר הוא דפדפן **Tor**, נגזרת של Firefox המיועד לגלישה אנונימית למחשבים שולחניים ואנדרואיד.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### דפדפן Tor
@@ -69,6 +77,8 @@ Tor פועלת על ידי ניתוב תעבורת האינטרנט שלך דר
דפדפן Tor נועד למנוע טביעת אצבע, או לזהות אותך על סמך תצורת הדפדפן שלך. לכן, זה הכרחי כי אתה עושה **לא** לשנות את הדפדפן מעבר ברירת המחדל [רמות אבטחה](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/hi/advanced/tor-overview.md b/i18n/hi/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/hi/advanced/tor-overview.md
+++ b/i18n/hi/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/hi/android.md b/i18n/hi/android.md
index 010f15b7..38f4a98b 100644
--- a/i18n/hi/android.md
+++ b/i18n/hi/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/hi/basics/common-threats.md b/i18n/hi/basics/common-threats.md
index e278c0cb..9776a47b 100644
--- a/i18n/hi/basics/common-threats.md
+++ b/i18n/hi/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/hi/basics/vpn-overview.md b/i18n/hi/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/hi/basics/vpn-overview.md
+++ b/i18n/hi/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/hi/desktop.md b/i18n/hi/desktop.md
index c2b5515a..5f937ed1 100644
--- a/i18n/hi/desktop.md
+++ b/i18n/hi/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/hi/device-integrity.md b/i18n/hi/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/hi/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/hi/os/qubes-overview.md b/i18n/hi/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/hi/os/qubes-overview.md
+++ b/i18n/hi/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/hi/tools.md b/i18n/hi/tools.md
index 3603abf6..cac9bc4c 100644
--- a/i18n/hi/tools.md
+++ b/i18n/hi/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/hi/tor.md b/i18n/hi/tor.md
index d4293334..49b297da 100644
--- a/i18n/hi/tor.md
+++ b/i18n/hi/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/hu/advanced/tor-overview.md b/i18n/hu/advanced/tor-overview.md
index f3e390b8..d4cbe618 100644
--- a/i18n/hu/advanced/tor-overview.md
+++ b/i18n/hu/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Android
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/hu/android.md b/i18n/hu/android.md
index 4be7604d..68cb8b94 100644
--- a/i18n/hu/android.md
+++ b/i18n/hu/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/hu/basics/common-threats.md b/i18n/hu/basics/common-threats.md
index 6f9a3cac..24760982 100644
--- a/i18n/hu/basics/common-threats.md
+++ b/i18n/hu/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/hu/basics/vpn-overview.md b/i18n/hu/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/hu/basics/vpn-overview.md
+++ b/i18n/hu/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/hu/desktop.md b/i18n/hu/desktop.md
index 921444c5..a12decfa 100644
--- a/i18n/hu/desktop.md
+++ b/i18n/hu/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/hu/device-integrity.md b/i18n/hu/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/hu/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/hu/os/qubes-overview.md b/i18n/hu/os/qubes-overview.md
index d3a321dc..04435eae 100644
--- a/i18n/hu/os/qubes-overview.md
+++ b/i18n/hu/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Android
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/hu/tools.md b/i18n/hu/tools.md
index a4e6ae1b..041b27c8 100644
--- a/i18n/hu/tools.md
+++ b/i18n/hu/tools.md
@@ -157,6 +157,7 @@ Számos követelmény alapján [ajánlunk](dns.md#recommended-providers) több t
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[További információ :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ Számos követelmény alapján [ajánlunk](dns.md#recommended-providers) több t
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ Számos követelmény alapján [ajánlunk](dns.md#recommended-providers) több t
[További információ :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[További információ :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/hu/tor.md b/i18n/hu/tor.md
index c3b730a6..9b4e5dee 100644
--- a/i18n/hu/tor.md
+++ b/i18n/hu/tor.md
@@ -39,7 +39,15 @@ A Tor úgy működik, hogy az internetes forgalmadat ezeken az önkéntesek ált
## Csatlakozás a Torhoz
-A Tor-hálózathoz többféleképpen is csatlakozni lehet a készülékedről, a leggyakrabban használt módszer a **Tor Böngésző**, a Firefox egy asztali számítógépekre és Androidra tervezett forkja, ami alkalmas anonim böngészésre. Az alább felsorolt alkalmazásokon kívül léteznek olyan operációs rendszerek is, amelyeket kifejezetten a Tor-hálózathoz való csatlakozásra terveztek, mint például a [Whonix](desktop.md#whonix) [Qubes OS](desktop.md#qubes-os)-en, melyek még nagyobb biztonságot és védelmet nyújtanak, mint a hagyományos Tor böngésző.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+A Tor-hálózathoz többféleképpen is csatlakozni lehet a készülékedről, a leggyakrabban használt módszer a **Tor Böngésző**, a Firefox egy asztali számítógépekre és Androidra tervezett forkja, ami alkalmas anonim böngészésre.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Böngésző
@@ -69,6 +77,8 @@ A Tor-hálózathoz többféleképpen is csatlakozni lehet a készülékedről, a
A Tor böngészőt úgy tervezték, hogy megakadályozza az fingerprintelést, vagyis a beazonosításodat a böngésző konfigurációja alapján. Ezért elengedhetetlen, hogy **ne** módosítsd a böngészőt az alapértelmezett [biztonsági szinteken](https://tb-manual.torproject.org/security-settings/) túl.
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/id/advanced/tor-overview.md b/i18n/id/advanced/tor-overview.md
index c3d4e8e6..451749be 100644
--- a/i18n/id/advanced/tor-overview.md
+++ b/i18n/id/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor adalah jaringan terdesentralisasi yang gratis untuk digunakan,
Tor adalah jaringan terdesentralisasi yang gratis untuk digunakan, dan dirancang untuk penggunaan internet seprivat mungkin. Jika digunakan dengan benar, jaringan ini memungkinkan penjelajahan dan komunikasi secara privat dan anonim.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Membangun Jalur ke Layanan Clearnet
"Layanan Clearnet" adalah situs web yang dapat Anda akses dengan peramban apa pun, seperti [privacyguides.org](https://www.privacyguides.org). Tor memungkinkan Anda terhubung ke situs-situs web ini secara anonim dengan mengarahkan lalu lintas Anda melalui jaringan yang terdiri dari ribuan server yang dijalankan secara sukarela yang disebut "simpul" (atau "relai").
@@ -76,13 +156,34 @@ Tor memungkinkan kita untuk terhubung ke sebuah server tanpa ada satu pihak pun
Meskipun Tor menyediakan jaminan privasi yang kuat, kita harus menyadari bahwa Tor tidaklah sempurna:
-- Musuh yang didanai dengan baik dengan kemampuan untuk secara pasif mengawasi sebagian besar lalu lintas jaringan di seluruh dunia memiliki peluang untuk mendeanonimisasi pengguna Tor dengan menggunakan analisis lalu lintas tingkat lanjut. Tor juga tidak melindungi Anda dari mengekspos diri Anda secara tidak sengaja, misalnya jika Anda membagikan terlalu banyak informasi tentang identitas asli Anda.
-- Simpul keluar Tor juga dapat memonitor lalu lintas yang melewatinya. Ini berarti lalu lintas yang tidak dienkripsi, seperti lalu lintas HTTP biasa, dapat direkam dan dipantau. Jika lalu lintas tersebut mengandung informasi yang dapat diidentifikasi secara pribadi, lalu lintas tersebut dapat mendeanonimisasi Anda ke simpul keluar tersebut. Oleh karena itu, kami merekomendasikan penggunaan HTTPS melalui Tor jika memungkinkan.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Simpul keluar Tor juga dapat memonitor lalu lintas yang melewatinya. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
Jika Anda ingin menggunakan Tor untuk menjelajah web, kami hanya merekomendasikan Tor Browser **resmi**—peramban ini dirancang untuk mencegah serangan sidik jari.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Sumber Daya Tambahan
- [Panduan Pengguna Tor Browser](https://tb-manual.torproject.org)
diff --git a/i18n/id/android.md b/i18n/id/android.md
index b0abf009..ff6a6961 100644
--- a/i18n/id/android.md
+++ b/i18n/id/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/id/basics/common-threats.md b/i18n/id/basics/common-threats.md
index da762a09..ea3ebfdc 100644
--- a/i18n/id/basics/common-threats.md
+++ b/i18n/id/basics/common-threats.md
@@ -39,7 +39,7 @@ Untuk meminimalkan kerusakan *yang dapat* dilakukan oleh perangkat lunak berbaha
Sistem operasi seluler umumnya memiliki kotak pasir aplikasi yang lebih baik daripada sistem operasi desktop: Aplikasi tidak dapat memperoleh akses akar, dan memerlukan izin untuk mengakses sumber daya sistem.
- Sistem operasi desktop umumnya tertinggal dalam hal kotak pasir yang tepat. ChromeOS memiliki kemampuan kotak pasir yang mirip dengan Android, dan macOS memiliki kontrol izin sistem penuh (dan pengembang dapat memilih untuk ikut serta dalam kotak pasir untuk aplikasi). Namun demikian, sistem operasi ini mengirimkan informasi identifikasi ke OEM masing-masing. Linux cenderung tidak menyerahkan informasi kepada vendor sistem, tetapi memiliki perlindungan yang buruk terhadap eksploitasi dan aplikasi jahat. Hal ini dapat dikurangi dengan distribusi khusus yang memanfaatkan mesin virtual atau kontainer secara signifikan, seperti [Qubes OS](../../desktop/#qubes-os).
+ Sistem operasi desktop umumnya tertinggal dalam hal kotak pasir yang tepat. ChromeOS memiliki kemampuan kotak pasir yang mirip dengan Android, dan macOS memiliki kontrol izin sistem penuh (dan pengembang dapat memilih untuk ikut serta dalam kotak pasir untuk aplikasi). Namun demikian, sistem operasi ini mengirimkan informasi identifikasi ke OEM masing-masing. Linux cenderung tidak menyerahkan informasi kepada vendor sistem, tetapi memiliki perlindungan yang buruk terhadap eksploitasi dan aplikasi jahat. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Serangan Bertarget
diff --git a/i18n/id/basics/vpn-overview.md b/i18n/id/basics/vpn-overview.md
index d158a79f..8792ded1 100644
--- a/i18n/id/basics/vpn-overview.md
+++ b/i18n/id/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks mengalihkan risiko dari ISP Anda ke pihak ketiga yang Anda percayai. Anda harus mengingat hal-hal ini.
---
-Virtual Private Networks adalah cara untuk memperluas ujung jaringan Anda untuk keluar ke tempat lain di dunia. ISP dapat melihat arus lalu lintas internet yang masuk dan keluar dari perangkat terminasi jaringan Anda (misalnya modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Protokol enkripsi seperti HTTPS umumnya digunakan di internet, jadi mereka mungkin tidak dapat melihat dengan tepat apa yang Anda posting atau baca, tetapi mereka dapat mengetahui [domain yang Anda minta](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-VPN dapat membantu karena dapat mengalihkan kepercayaan ke server di tempat lain di dunia. Akibatnya, ISP kemudian hanya melihat bahwa Anda tersambung ke VPN dan tidak ada aktivitas apa pun yang Anda kirimkan ke VPN tersebut.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Haruskah saya menggunakan VPN?
-**Ya**, kecuali Anda sudah menggunakan Tor. VPN melakukan dua hal: mengalihkan risiko dari Penyedia Layanan Internet Anda ke dirinya sendiri dan menyembunyikan IP Anda dari layanan pihak ketiga.
-
-VPN tidak dapat mengenkripsi data di luar koneksi antara perangkat Anda dan server VPN. Penyedia VPN dapat melihat dan memodifikasi lalu lintas Anda dengan cara yang sama seperti yang dilakukan ISP Anda. Dan tidak ada cara untuk memverifikasi kebijakan "tanpa pencatatan" dari penyedia VPN dengan cara apa pun.
-
-Namun, mereka menyembunyikan IP Anda yang sebenarnya dari layanan pihak ketiga, asalkan tidak ada kebocoran IP. Mereka membantu Anda berbaur dengan orang lain dan mengurangi pelacakan berbasis IP.
-
-## Kapan sebaiknya saya tidak menggunakan VPN?
-
-Menggunakan VPN jika Anda menggunakan [identitas yang diketahui](common-misconceptions.md#complicated-is-better) kemungkinan tidak akan berguna.
-
-Melakukan hal itu dapat memicu sistem deteksi spam dan penipuan, seperti jika Anda masuk ke situs web bank Anda.
-
-## Bagaimana dengan enkripsi?
-
-Enkripsi yang ditawarkan oleh penyedia VPN berada di antara perangkat Anda dan server mereka. Ini menjamin bahwa tautan khusus ini aman. Ini merupakan langkah maju dari penggunaan proxy yang tidak terenkripsi, di mana pihak yang tidak bertanggung jawab dalam jaringan dapat mencegat komunikasi antara perangkat Anda dan proxy tersebut dan memodifikasinya. Namun, enkripsi antara aplikasi atau browser Anda dengan penyedia layanan tidak ditangani oleh enkripsi ini.
-
-Untuk menjaga agar apa yang Anda lakukan di situs web yang Anda kunjungi tetap privat dan aman, Anda harus menggunakan HTTPS. Ini akan menjaga kata sandi, token sesi, dan kueri Anda aman dari penyedia VPN. Pertimbangkan untuk mengaktifkan "HTTPS di mana saja" di peramban Anda untuk mengurangi serangan downgrade seperti [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Haruskah saya menggunakan DNS terenkripsi dengan VPN?
-
-Kecuali penyedia VPN Anda melayani server DNS terenkripsi, **tidak**. Menggunakan DOH/DOT (atau bentuk lain dari DNS terenkripsi) dengan server pihak ketiga hanya akan menambah lebih banyak entitas untuk dipercaya dan sama sekali **tidak** meningkatkan privasi/keamanan Anda. Penyedia VPN Anda masih dapat melihat situs web mana yang Anda kunjungi berdasarkan alamat IP dan metode lainnya. Alih-alih hanya mempercayai penyedia VPN Anda, Anda sekarang mempercayai penyedia VPN dan penyedia DNS.
-
-Alasan umum untuk merekomendasikan DNS terenkripsi adalah karena ini membantu melawan pemalsuan DNS. Namun, peramban Anda seharusnya sudah memeriksa [sertifikat TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) dengan **HTTPS** dan memperingatkan Anda tentang hal itu. Jika Anda tidak menggunakan **HTTPS**, maka pihak lawan masih bisa memodifikasi apa pun selain kueri DNS Anda dan hasil akhirnya tidak akan jauh berbeda.
-
-Tidak perlu dikatakan lagi, **Anda tidak boleh menggunakan DNS terenkripsi dengan Tor**. Ini akan mengarahkan semua permintaan DNS Anda melalui satu sirkuit dan memungkinkan penyedia DNS terenkripsi untuk mendeanonimkan Anda.
-
-## Haruskah saya menggunakan Tor *dan* VPN?
-
-Dengan menggunakan VPN dengan Tor, Anda pada dasarnya menciptakan simpul masuk permanen, sering kali dengan jejak uang yang melekat. Ini tidak memberikan manfaat tambahan apa pun bagi Anda, sekaligus meningkatkan permukaan serangan koneksi Anda secara dramatis. Jika Anda ingin menyembunyikan penggunaan Tor Anda dari ISP atau pemerintah Anda, Tor memiliki solusi bawaan untuk itu: Jembatan Tor. [Baca lebih lanjut tentang jembatan Tor dan mengapa menggunakan VPN tidak diperlukan](../advanced/tor-overview.md).
-
-## Bagaimana jika saya membutuhkan anonimitas?
-
-VPN tidak dapat memberikan anonimitas. Penyedia VPN Anda masih akan melihat alamat IP asli Anda, dan sering memiliki jejak uang yang dapat dihubungkan langsung kembali kepada Anda. Anda tidak dapat mengandalkan kebijakan "tanpa pencatatan" untuk melindungi data Anda. Gunakan [Tor](https://www.torproject.org/) sebagai gantinya.
-
-## Bagaimana dengan penyedia VPN yang menyediakan node Tor?
-
-Jangan gunakan fitur tersebut. Inti dari penggunaan Tor adalah Anda tidak mempercayai penyedia VPN Anda. Saat ini Tor hanya mendukung protokol [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol). [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (digunakan di [WebRTC](https://en.wikipedia.org/wiki/WebRTC) untuk berbagi suara dan video, protokol [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), dll.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) dan paket-paket lainnya akan dibatalkan. Untuk mengimbangi hal ini, penyedia VPN biasanya akan merutekan semua paket non-TCP melalui server VPN mereka (loncatan pertama Anda). Ini adalah kasus pada [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Selain itu, ketika menggunakan pengaturan Tor melalui VPN ini, Anda tidak memiliki kendali atas fitur Tor penting lainnya seperti [Alamat Tujuan Terisolasi](https://www.whonix.org/wiki/Stream_Isolation) (menggunakan sirkuit Tor yang berbeda untuk setiap domain yang Anda kunjungi).
-
-Fitur ini harus dilihat sebagai cara yang nyaman untuk mengakses Jaringan Tor, bukan untuk tetap anonim. Untuk anonimitas yang tepat, gunakan Tor Browser, TorSocks, atau gateway Tor.
-
-## Kapan VPN berguna?
-
-VPN mungkin masih berguna bagi Anda dalam berbagai skenario, seperti:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Menyembunyikan lalu lintas Anda dari **hanya** Penyedia Layanan Internet Anda.
1. Menyembunyikan unduhan Anda (seperti torrent) dari ISP dan organisasi anti-pembajakan.
-1. Menyembunyikan IP Anda dari situs web dan layanan pihak ketiga, mencegah pelacakan berbasis IP.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-Untuk situasi seperti ini, atau jika Anda memiliki alasan kuat lainnya, penyedia VPN yang kami sebutkan di atas adalah yang menurut kami paling dapat dipercaya. Namun, menggunakan penyedia VPN masih berarti Anda *mempercayai* penyedia. Dalam hampir semua skenario lain, Anda sebaiknya menggunakan alat**-by-design** yang aman seperti Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sumber dan Bacaan Lebih Lanjut
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. Dan tidak ada cara untuk memverifikasi kebijakan "tanpa pencatatan" dari penyedia VPN dengan cara apa pun.
-1. [VPN - Narasi yang Sangat Genting](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) oleh Dennis Schubert
-1. [Gambaran Umum Jaringan Tor](../advanced/tor-overview.md)
-1. [Panduan Privasi IVPN](https://www.ivpn.net/privacy-guides)
-1. ["Apakah saya memerlukan VPN?"](https://www.doineedavpn.com)sebuah alat yang dikembangkan oleh IVPN untuk menantang pemasaran VPN yang agresif dengan membantu individu memutuskan apakah VPN tepat untuk mereka.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Melakukan hal itu dapat memicu sistem deteksi spam dan penipuan, seperti jika Anda masuk ke situs web bank Anda.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. Untuk menjaga agar apa yang Anda lakukan di situs web yang Anda kunjungi tetap privat dan aman, Anda harus menggunakan HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Haruskah saya menggunakan DNS terenkripsi dengan VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Penyedia VPN Anda masih dapat melihat situs web mana yang Anda kunjungi berdasarkan alamat IP dan metode lainnya. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. Namun, peramban Anda seharusnya sudah memeriksa [sertifikat TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) dengan **HTTPS** dan memperingatkan Anda tentang hal itu. Jika Anda tidak menggunakan **HTTPS**, maka pihak lawan masih bisa memodifikasi apa pun selain kueri DNS Anda dan hasil akhirnya tidak akan jauh berbeda.
+
+## Haruskah saya menggunakan Tor *dan* VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. Untuk mengimbangi hal ini, penyedia VPN biasanya akan merutekan semua paket non-TCP melalui server VPN mereka (loncatan pertama Anda). Ini adalah kasus pada [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Selain itu, ketika menggunakan pengaturan Tor melalui VPN ini, Anda tidak memiliki kendali atas fitur Tor penting lainnya seperti [Alamat Tujuan Terisolasi](https://www.whonix.org/wiki/Stream_Isolation) (menggunakan sirkuit Tor yang berbeda untuk setiap domain yang Anda kunjungi).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Informasi VPN Terkait
@@ -76,3 +112,4 @@ Untuk situasi seperti ini, atau jika Anda memiliki alasan kuat lainnya, penyedia
- [Investigasi Aplikasi VPN Gratis](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Terungkap pemilik tersembunyi VPN: 101 produk VPN hanya dimiliki oleh 23 perusahaan saja](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [Perusahaan Tiongkok ini diam-diam berada di balik 24 aplikasi populer yang meminta izin berbahaya](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - Narasi yang Sangat Genting](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) oleh Dennis Schubert
diff --git a/i18n/id/desktop.md b/i18n/id/desktop.md
index c6cb6e7c..ed6c6dfd 100644
--- a/i18n/id/desktop.md
+++ b/i18n/id/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/id/device-integrity.md b/i18n/id/device-integrity.md
new file mode 100644
index 00000000..2fc7b18b
--- /dev/null
+++ b/i18n/id/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! peringatan
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! peringatan
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! peringatan
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/id/os/qubes-overview.md b/i18n/id/os/qubes-overview.md
index d40e3568..08e086bf 100644
--- a/i18n/id/os/qubes-overview.md
+++ b/i18n/id/os/qubes-overview.md
@@ -49,6 +49,22 @@ Untuk menyalin dan menempelkan file dan direktori (folder) dari satu *qube* ke *
[Kerangka kerja qrexec](https://www.qubes-os.org/doc/qrexec/) adalah bagian inti dari Qubes yang memungkinkan komunikasi antar domain. Ini dibangun di atas pustaka Xen *vchan*, yang memfasilitasi [isolasi melalui kebijakan](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Sumber Daya Tambahan
Untuk informasi tambahan, kami menganjurkan Anda untuk membaca halaman dokumentasi Qubes OS yang luas yang terletak di [Situs Web Qubes OS](https://www.qubes-os.org/doc/). Salinan offline dapat diunduh dari [repositori dokumentasi](https://github.com/QubesOS/qubes-doc) Qubes OS.
diff --git a/i18n/id/tools.md b/i18n/id/tools.md
index eb84c4bb..9b300f7c 100644
--- a/i18n/id/tools.md
+++ b/i18n/id/tools.md
@@ -157,6 +157,7 @@ Kami [merekomendasikan](dns.md#recommended-providers) sejumlah server DNS terenk
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Pelajari lebih lanjut :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ Kami [merekomendasikan](dns.md#recommended-providers) sejumlah server DNS terenk
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ Kami [merekomendasikan](dns.md#recommended-providers) sejumlah server DNS terenk
[Pelajari lebih lanjut :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Pelajari lebih lanjut :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/id/tor.md b/i18n/id/tor.md
index acbb9c2b..7fff0fef 100644
--- a/i18n/id/tor.md
+++ b/i18n/id/tor.md
@@ -39,7 +39,15 @@ Tor bekerja dengan merutekan lalu lintas internet Anda melalui server yang diope
## Menghubungkan ke Tor
-Ada berbagai cara untuk terhubung ke jaringan Tor dari perangkat Anda, yang paling umum digunakan adalah **Tor Browser**, sebuah fork dari Firefox yang dirancang untuk penjelajahan anonim untuk komputer desktop dan Android. Selain aplikasi yang tercantum di bawah ini, ada juga sistem operasi yang dirancang khusus untuk terhubung ke jaringan Tor seperti [Whonix](desktop.md#whonix) di [Qubes OS](desktop.md#qubes-os), yang menyediakan keamanan dan perlindungan yang lebih besar daripada Tor Browser standar.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+Ada berbagai cara untuk terhubung ke jaringan Tor dari perangkat Anda, yang paling umum digunakan adalah **Tor Browser**, sebuah fork dari Firefox yang dirancang untuk penjelajahan anonim untuk komputer desktop dan Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ Ada berbagai cara untuk terhubung ke jaringan Tor dari perangkat Anda, yang pali
Tor Browser dirancang untuk mencegah sidik jari, atau mengidentifikasi Anda berdasarkan konfigurasi peramban Anda. Oleh karena itu, sangat penting bagi Anda untuk tidak **tidak** memodifikasi peramban di luar [tingkat keamanan](https://tb-manual.torproject.org/security-settings/) bawaan.
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/it/advanced/tor-overview.md b/i18n/it/advanced/tor-overview.md
index fdacd5cb..ba4bde0e 100644
--- a/i18n/it/advanced/tor-overview.md
+++ b/i18n/it/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor è una rete decentralizzata e libera, progettata per utilizzare
Tor è una rete decentralizzata e libera, progettata per utilizzare Internet con quanta più privacy possibile. Se utilizzata adeguatamente, la rete consente navigazione e comunicazioni private e anonime.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Costruzione del percorso verso i servizi Clearnet
I "servizi Clearnet" sono siti web accessibili da qualsiasi browser, come [privacyguides.org](https://www.privacyguides.org). Tor ti consente di collegarti anonimamente a questi siti web indirizzando il tuo traffico attraverso una rete composta da migliaia di server gestiti da volontari, detti nodi (o relay).
@@ -76,13 +156,34 @@ Tor consente di connetterci a un server senza che alcuna signola parte conosca l
Sebbene Tor fornisca forti garanzie per la privacy, devi essere consapevole che Tor non è perfetto:
-- Gli avversari ben finanziati, capaci di osservare passivamente gran parte del traffico di rete nel globo, sono capaci di deanonimizzare gli utenti di Tor, tramite l'analisi avanzata del traffico. Tor non ti protegge nemmeno dal rischio di esporti per errore, ad esempio, se condividi troppe informazioni sulla tua vera identità.
-- I nodi d'uscita di Tor, inoltre, possono monitorare il traffico che li attraversa. Ciò significa che il traffico non crittografato, come quello in HTTP semplice, è registrabile e monitorabile. Se tale traffico contiene informazioni personali identificative, può deanonimizzarti a quel nodo d'uscita. Pertanto, consigliamo di utilizzare HTTPS su Tor, laddove possibile.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- I nodi d'uscita di Tor, inoltre, possono monitorare il traffico che li attraversa. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
Se desideri utilizzare Tor per navigare sul web, consigliamo soltanto il Tor Browser **ufficiale**, progettato per evitare il fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Risorse aggiuntive
- [Manuale Utente del Tor Browser](https://tb-manual.torproject.org)
diff --git a/i18n/it/android.md b/i18n/it/android.md
index 8b565ffb..6e1c15f4 100644
--- a/i18n/it/android.md
+++ b/i18n/it/android.md
@@ -215,39 +215,6 @@ Consigliamo un'ampia gamma di app di Android, tramite questo sito. Le app qui el
Utilizzando Shelter, ti affidi interamente al suo sviluppatore, poiché Shelter agisce da [Admin del Dispositivo](https://developer.android.com/guide/topics/admin/device-admin?hl=it) per creare il Profilo di Lavoro, e ha ampio accesso ai dati memorizzati nel Profilo di Lavoro.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor * * è un'app che sfrutta le funzionalità di sicurezza hardware per fornire il monitoraggio dell'integrità del dispositivo, convalidando attivamente l'identità di un dispositivo e l'integrità del suo sistema operativo. Al momento, funziona soltanto con GrapheneOS o con il sistema operativo di fabbrica per i [dispositivi supportati](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Home](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Politica sulla Privacy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentazione}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Codice Sorgente" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribuisci }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor esegue l'attestazione e il rilevamento delle intrusioni:
-
-- Utilizzando un modello di [Fiducia Al Primo Utilizzo (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) tra un *revisore* e un *revisionato*, la coppia stabilisce una chiave privata nel [keystore del hardware](https://source.android.com/security/keystore/) del *Revisore*.
-- Il *revisore* può essere un'altra istanza dell'app Auditor o del [Servizio di Attestazione Remoto](https://attestation.app).
-- Il *revisore* registra lo stato corrente e la configurazione del *revisionato*.
-- In caso di manomissione del sistema operativo del *revisore* in seguito al completamento dell'associazione, il revisore sarà a conoscenza della modifica allo stato e le configurazioni del dispositivo.
-- Sarai avvisato della modifica.
-
-Nessun'informazione personalmente identificabile è inviata al servizio d'attestazione. Ti consigliamo di iscriverti con un profilo anonimo e di consentire l'attestazione da remoto per il monitoraggio continuo.
-
-Se il tuo [modello di minaccia](basics/threat-modeling.md) richiede la privacy, potresti considerare l'utilizzo di [Orbot](tor.md#orbot) o di una VPN per nascondere il tuo indirizzo IP dal servizio d'attestazione. Per assicurarti che il tuo hardware e sistema operativo siano autentici, [esegui l'attestazione locale](https://grapheneos.org/install/web#verifying-installation) immediatamente dopo l'installazione del dispositivo e prima di qualsiasi connessione a Internet.
-
### Fotocamera Sicura
!!! recommendation
@@ -329,7 +296,7 @@ L'app store di GrapheneOS è disponibile su [GitHub](https://github.com/Graphene
Il Google Play Store richiede un profilo Google per l'accesso, il che non è un bene per la privacy. Puoi aggirare tale problema utilizzando un client alternativo, come Aurora Store.
-!!! consiglio
+!!! recommendation
{ align=right }
@@ -347,7 +314,7 @@ Aurora Store non consente di scaricare app a pagamento con la propria funzione d
### Manualmente con le notifiche RSS
-Per le app rilasciate sulle piattaforme come GitHub e GitLab, potresti aggiungere un feed SS al tuo [aggregatore di notizie](/news-aggregators), che ti aiuterà a tenere traccia delle nuove versioni.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/it/basics/common-threats.md b/i18n/it/basics/common-threats.md
index 4e26e9c7..b2dc1c1a 100644
--- a/i18n/it/basics/common-threats.md
+++ b/i18n/it/basics/common-threats.md
@@ -39,7 +39,7 @@ Per minimizzare i danni che un software malevolo *potrebbe* causare, dovresti ut
I sistemi operativi per mobile, generalmente, presentano un migliore sandboxing delle applicazioni, rispetto ai sistemi operativi per desktop: le app possono ottenere l'accesso di root e richiedono l'autorizzazione per accedere alle risorse di sistema.
- Generalmente, i sistemi operativi per desktop sono in ritardo, per l'adeguato sandboxing. ChromeOS ha funzionalità di sandboxing simili ad Android e macOS ha il pieno controllo delle autorizzazioni di sistema (e gli sviluppatori possono optare per il sandboxing delle applicazioni). Tuttavia, questi sistemi operativi trasmettono le informazioni identificativi ai rispettivi OEM. Linux tende a non inviare le informazioni ai fornitori del sistema, ma presenta una scarsa protezione da exploit e applicazioni dannose. Ciò è mitigabile con distribuzioni specializzate, che fanno un utilizzo significativo delle macchine virtuali o contenitori, come [Qubes OS](../../desktop/#qubes-os).
+ Generalmente, i sistemi operativi per desktop sono in ritardo, per l'adeguato sandboxing. ChromeOS ha funzionalità di sandboxing simili ad Android e macOS ha il pieno controllo delle autorizzazioni di sistema (e gli sviluppatori possono optare per il sandboxing delle applicazioni). Tuttavia, questi sistemi operativi trasmettono le informazioni identificativi ai rispettivi OEM. Linux tende a non inviare le informazioni ai fornitori del sistema, ma presenta una scarsa protezione da exploit e applicazioni dannose. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Attacchi mirati
diff --git a/i18n/it/basics/vpn-overview.md b/i18n/it/basics/vpn-overview.md
index c7e439d8..d5a9a9d9 100644
--- a/i18n/it/basics/vpn-overview.md
+++ b/i18n/it/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Le reti virtuali private spostano il rischio dal vostro ISP a una terza parte di cui vi fidate. Dovresti tenere a mente questi aspetti.
---
-Le reti private virtuali sono un modo per estendere l'estremità della vostra rete all'uscita di un'altra parte del mondo. Un ISP può vedere il flusso del traffico Internet che entra ed esce dal dispositivo di terminazione della rete (ad esempio, il modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-I protocolli di crittografia come l'HTTPS sono comunemente utilizzati su Internet, quindi potrebbero non essere in grado di vedere esattamente ciò che state postando o leggendo, ma possono farsi un'idea dei domini [che utilizzate](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-Una VPN può essere d'aiuto in quanto può spostare la fiducia su un server in un'altra parte del mondo. Di conseguenza, l'ISP vede solo che sei connesso a una VPN e non vede nulla dell'attività che stai trasmettendo.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note "Nota"
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Dovrei utilizzare una VPN?
-**Sì**, a meno che tu non stia già utilizzando Tor. Una VPN svolge due funzioni: spostare i rischi dall'Internet Service Provider a se stesso e nascondere l'IP da un servizio di terze parti.
-
-Le VPN non possono criptare i dati al di fuori della connessione tra il dispositivo e il server VPN. I fornitori di VPN possono vedere e modificare il tuo traffico proprio come il tuo ISP. E non c'è modo di verificare in alcun modo le politiche di "no logging" di un provider VPN.
-
-Tuttavia, nascondono il tuo IP reale da un servizio di terze parti, a condizione che non ci siano fughe dell'IP. Aiutano a confonderti con gli altri e ad attenuare il tracciamento basato sull'IP.
-
-## Quando non dovrei usare una VPN?
-
-È inutile utilizzare una VPN nei casi in cui stai utilizzando la tua [identità conosciuta](common-misconceptions.md#complicated-is-better).
-
-In questo modo si possono attivare sistemi di spam e di rilevamento delle frodi, come nel caso in cui si acceda al sito web della propria banca.
-
-## E la crittografia?
-
-La crittografia offerta dai fornitori di VPN avviene tra i propri dispositivi e i loro server. Garantisce che questo specifico collegamento è sicuro. Si tratta di un passo avanti rispetto all'uso di proxy non criptati, dove un avversario sulla rete può intercettare le comunicazioni tra i tuoi dispositivi e tali proxy e modificarle. Tuttavia, la crittografia tra le tue app o browser con i fornitori di servizi non è gestita da questa crittografia.
-
-Per garantire la riservatezza e la sicurezza di ciò che fai sui siti web che visiti, devi utilizzare il protocollo HTTPS. In questo modo le tue password, i token di sessione e le query saranno al sicuro dal fornitore VPN. Considera di abilitare "HTTPS ovunque" nel browser per mitigare gli attacchi di downgrade come [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Dovrei utilizzare un DNS criptato con una VPN?
-
-A meno che il provider VPN non ospiti i server DNS criptati, **no**. L'utilizzo di DOH/DOT (o di qualsiasi altra forma di DNS crittografato) con server di terze parti aggiungerà semplicemente altre entità di cui fidarsi e non farà **assolutamente nulla** per migliorare la privacy o la sicurezza. Il tuo fornitore VPN può comunque vedere quali siti web visiti in base agli indirizzi IP e ad altri metodi. Invece di fidarti solo del provider VPN, ora ti fidi sia del provider VPN che del provider DNS.
-
-Un motivo comune per raccomandare il DNS crittografato è che aiuta a contrastare lo spoofing DNS. Tuttavia, il browser dovrebbe già verificare la presenza di [certificati TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) con **HTTPS** e avvisare l'utente. Se non stai utilizzando **HTTPS**, un avversario può comunque modificare qualsiasi cosa oltre alle query DNS e il risultato finale sarà poco diverso.
-
-Inutile dire che **non si dovrebbero usare DNS criptati con Tor**. Questo indirizzerebbe tutte le vostre richieste DNS attraverso un unico circuito e permetterebbe al provider DNS criptato di deanonimizzarvi.
-
-## Dovrei usare Tor *e* una VPN?
-
-Utilizzando una VPN con Tor, si crea essenzialmente un nodo di ingresso permanente, spesso con una traccia di denaro. Questo non fornisce alcun vantaggio aggiuntivo all'utente, mentre aumenta drasticamente la superficie di attacco della connessione. Se desideri nascondere l'utilizzo di Tor all'ISP o al governo, Tor ha una soluzione integrata per questo: i Tor bridges. [Per saperne di più sui Tor bridges e sul perché non è necessario utilizzare una VPN](../advanced/tor-overview.md).
-
-## E se ho bisogno di anonimato?
-
-Le VPN non possono garantire l'anonimato. Il tuo provider VPN vedrà comunque il tuo vero indirizzo IP e spesso ha una traccia di denaro che può essere collegata direttamente a te. Non si può fare affidamento sulle politiche di "no logging" per proteggere i dati. In tal caso utilizza [Tor](https://www.torproject.org/).
-
-## E i fornitori di VPN che forniscono nodi Tor?
-
-Non usare questa funzione. Il punto di forza dell'utilizzo di Tor è che non ti devi fidare del provider VPN. Attualmente Tor supporta solo il protocollo [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol). [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (utilizzato in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) per la condivisione di voce e video, il nuovo protocollo [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), ecc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) e altri pacchetti saranno eliminati. Per compensare questa situazione, i fornitori di VPN di solito instradano tutti i pacchetti non-TCP attraverso il loro server VPN (il primo hop). Questo è il caso di [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Inoltre, quando si utilizza questa configurazione di Tor su VPN, non si ha il controllo su altre importanti funzionalità di Tor come [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (utilizzo di un circuito Tor diverso per ogni dominio visitato).
-
-La funzione deve essere vista come un modo comodo per accedere alla rete Tor, non per rimanere anonimi. Per un corretto anonimato, utilizza Tor Browser, TorSocks o un gateway Tor.
-
-## Quando sono utili le VPN?
-
-Una VPN può comunque essere utile in diversi scenari, ad esempio:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Nascondere il proprio traffico **solo** al proprio Internet Service Provider.
1. Nascondere i propri download (come i torrent) al proprio ISP e alle organizzazioni antipirateria.
-1. Nascondere il proprio IP da siti e servizi di terze parti, impedendone il tracciamento.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-Per situazioni come queste, o se hai un altro motivo valido, i provider VPN che abbiamo elencato sopra sono quelli che riteniamo più affidabili. Tuttavia, utilizzare un provider VPN significa comunque *fidarsi* del provider. In quasi tutti gli altri scenari si dovrebbe utilizzare uno strumento progettato con la **sicurezza come obiettivo** come Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Fonti e approfondimenti
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. E non c'è modo di verificare in alcun modo le politiche di "no logging" di un provider VPN.
-1. [VPN - a Very Precarious Narrative (VPN - una narrazione molto precaria)](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) di Dennis Schubert
-1. [Panoramica della rete Tor](../advanced/tor-overview.md)
-1. [Guide alla privacy di IVPN](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?" ("Ho bisogno di una VPN?")](https://www.doineedavpn.com), uno strumento sviluppato da IVPN per sfidare il marketing aggressivo delle VPN, aiutando le persone a decidere se una VPN è adatta a loro.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. In questo modo si possono attivare sistemi di spam e di rilevamento delle frodi, come nel caso in cui si acceda al sito web della propria banca.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. Per garantire la riservatezza e la sicurezza di ciò che fai sui siti web che visiti, devi utilizzare il protocollo HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Dovrei utilizzare un DNS criptato con una VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Il tuo fornitore VPN può comunque vedere quali siti web visiti in base agli indirizzi IP e ad altri metodi. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. Tuttavia, il browser dovrebbe già verificare la presenza di [certificati TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) con **HTTPS** e avvisare l'utente. Se non stai utilizzando **HTTPS**, un avversario può comunque modificare qualsiasi cosa oltre alle query DNS e il risultato finale sarà poco diverso.
+
+## Dovrei usare Tor *e* una VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. Per compensare questa situazione, i fornitori di VPN di solito instradano tutti i pacchetti non-TCP attraverso il loro server VPN (il primo hop). Questo è il caso di [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Inoltre, quando si utilizza questa configurazione di Tor su VPN, non si ha il controllo su altre importanti funzionalità di Tor come [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (utilizzo di un circuito Tor diverso per ogni dominio visitato).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Informazioni correlate alle VPN
@@ -76,3 +112,4 @@ Per situazioni come queste, o se hai un altro motivo valido, i provider VPN che
- [Free VPN App Investigation (Indagine sulle app di VPN gratuite)](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies (Svelati i proprietari segreti delle VPN: 101 prodotti per VPN gestiti da sole 23 aziende)](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions (Questa azienda cinese è segretamente dietro 24 app popolari che cercano autorizzazioni pericolose)](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative (VPN - una narrazione molto precaria)](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) di Dennis Schubert
diff --git a/i18n/it/desktop.md b/i18n/it/desktop.md
index b138f1fd..d950a43b 100644
--- a/i18n/it/desktop.md
+++ b/i18n/it/desktop.md
@@ -120,11 +120,9 @@ Nix è un gestore di pacchetti basato sul codice sorgente; se non ne esiste alcu
Whonix è pensato per operare come due macchine virtuali: una "Workstation" e un "Gateway" di Tor. Tutte le comunicazioni dalla Workstation devono passare per il gateway di Tor. Ciò significa che, anche se la Workstation fosse compromessa da un malware di qualche tipo, il vero indirizzo IP rimarrebbe nascosto.
-Alcune delle sue funzionalità includono l'Isolamento del Flusso di Tor, l'[anonimato di battitura](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), lo [swap crittografato](https://github.com/Whonix/swap-file-creator) e un allocatore di memoria rafforzato.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Le versioni future di Whonix potrebbero includere [politiche di sistema complete di AppArmor](https://github.com/Whonix/apparmor-profile-everything) e un [launcher di app sandbox](https://www.whonix.org/wiki/Sandbox-app-launcher), per confinare completamente tutti i processi sul sistema.
-
-Whonix è meglio utilizzato [insieme a Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix presenta svariati [svantaggi](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) rispetto ad altri hypervisor.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/it/device-integrity.md b/i18n/it/device-integrity.md
new file mode 100644
index 00000000..dd7ba5c3
--- /dev/null
+++ b/i18n/it/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger "Attenzione"
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning "Attenzione"
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning "Attenzione"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning "Attenzione"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/it/os/qubes-overview.md b/i18n/it/os/qubes-overview.md
index 1d971278..0b40f792 100644
--- a/i18n/it/os/qubes-overview.md
+++ b/i18n/it/os/qubes-overview.md
@@ -49,6 +49,22 @@ Per copiare e incollare file e cartelle da una *qube* a un'altra, puoi usare l'o
Il [framework qrexec](https://www.qubes-os.org/doc/qrexec/) è una parte fondamentale di Qubes che consente la comunicazione tra i domini. Si basa sulla libreria di Xen *vchan*, che facilita l'[isolamento tramite politiche](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Risorse aggiuntive
Per ulteriori informazioni si consiglia di consultare le ampie pagine di documentazione di Qubes OS presenti sul [sito web di Qubes OS](https://www.qubes-os.org/doc/). Le copie offline sono scaricabili dal [repository della documentazione](https://github.com/QubesOS/qubes-doc) di Qubes OS.
diff --git a/i18n/it/tools.md b/i18n/it/tools.md
index 9b2f9c2f..f896f027 100644
--- a/i18n/it/tools.md
+++ b/i18n/it/tools.md
@@ -157,6 +157,7 @@ Per ulteriori dettagli su ogni progetto, perché è stato scelto e ulteriori con
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Scopri di più :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -429,12 +430,11 @@ Per ulteriori dettagli su ogni progetto, perché è stato scelto e ulteriori con
-- { .twemoji } [Obtainium (Gestore di app)](android.md#obtainium)
-- { .twemoji } [Aurora Store (Client di Google Play)](android.md#aurora-store)
-- { .twemoji } [Shelter (Profili di lavoro)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Dispositivi Supportati)](android.md#auditor)
-- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
-- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
+- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
+- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
+- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
+- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
+- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ Per ulteriori dettagli su ogni progetto, perché è stato scelto e ulteriori con
[Scopri di più :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Scopri di più :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/it/tor.md b/i18n/it/tor.md
index 7e1bf177..2ef4e299 100644
--- a/i18n/it/tor.md
+++ b/i18n/it/tor.md
@@ -39,7 +39,15 @@ Tor funziona instradando il traffico tramite questi server gestiti da volontari,
## Connessione a Tor
-Esistono svariati modi per connettersi alla rete di Tor dal tuo dispositivo, il più comunemente utilizzato dei quali è **Tor Browser**, una biforcazione di Firefox progettata per la navigazione anonima per i computer desktop e per Android. Oltre alle seguenti app, esistono inoltre dei sistemi operativi progettati specificamente per connettersi alla rete di Tor, come [Whonix](desktop.md#whonix) su [Qubes OS](desktop.md#qubes-os), che forniscono sicurezza e protezioni persino maggiori del Tor Browser standard.
+!!! tip "Suggerimento"
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+Esistono svariati modi per connettersi alla rete di Tor dal tuo dispositivo, il più comunemente utilizzato dei quali è **Tor Browser**, una biforcazione di Firefox progettata per la navigazione anonima per i computer desktop e per Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ Esistono svariati modi per connettersi alla rete di Tor dal tuo dispositivo, il
Tor Browser è progettato per impedire il fingerprinting, o la tua identificazione secondo la configurazione del tuo browser. Dunque, è indispensabile che tu **non** modifichi il browser oltre ai [livelli di sicurezza](https://tb-manual.torproject.org/security-settings/) predefiniti.
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/ja/advanced/tor-overview.md b/i18n/ja/advanced/tor-overview.md
index b89aaf85..a3df5dbe 100644
--- a/i18n/ja/advanced/tor-overview.md
+++ b/i18n/ja/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Torは、可能な限りプライバシーを守ってインター
Torは、可能な限りプライバシーを守ってインターネットを利用するために設計された、自由に利用できる分散型ネットワークです。 適切に使用すれば、プライベートで匿名のブラウジングや通信を行うことができます。
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## クリアネット・サービスへの通路の構築
「クリアネット・サービス」とは、 [privacyguides.org](https://www.privacyguides.org)のように、どのブラウザーでもアクセスできるウェブサイトのことです。 Torは、ノード(またはリレー)と呼ばれる、ボランティアが運営する何千ものサーバーで構成されるネットワークを経由してトラフィックをルーティングすることにより、匿名でこれらのウェブサイトに接続することができます。
@@ -76,13 +156,34 @@ Torを使えば、誰にも全経路を知られることなくサーバーに
Torはプライバシーを強力に保証していますが、Torが完璧ではないことに注意する必要があります。
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Torブラウザー :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## その他の資料
- [Torブラウザーのユーザーマニュアル](https://tb-manual.torproject.org)
diff --git a/i18n/ja/android.md b/i18n/ja/android.md
index 5b8a0f05..7627c21d 100644
--- a/i18n/ja/android.md
+++ b/i18n/ja/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/ja/basics/common-threats.md b/i18n/ja/basics/common-threats.md
index 3c294424..55d7fe4b 100644
--- a/i18n/ja/basics/common-threats.md
+++ b/i18n/ja/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/ja/basics/vpn-overview.md b/i18n/ja/basics/vpn-overview.md
index a049ad23..32806ae6 100644
--- a/i18n/ja/basics/vpn-overview.md
+++ b/i18n/ja/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! メモ
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## VPNを使うべきですか?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## VPNを使うべきでない場合
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## 暗号化については?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-暗号化されたDNSを推奨する一般的な理由は、DNSスプーフィングに役立つためです。 However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## 匿名性が必要な場合は?
-
-VPNを使用しても匿名性は手に入りません。 Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## VPNはいつ役に立ちますか?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Torネットワークの概要](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/ja/desktop.md b/i18n/ja/desktop.md
index 1f950f99..b483f5ea 100644
--- a/i18n/ja/desktop.md
+++ b/i18n/ja/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/ja/device-integrity.md b/i18n/ja/device-integrity.md
new file mode 100644
index 00000000..38e964f3
--- /dev/null
+++ b/i18n/ja/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! 警告
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! 警告
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! 警告
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! 警告
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/ja/os/qubes-overview.md b/i18n/ja/os/qubes-overview.md
index ca669dc7..4f8b973c 100644
--- a/i18n/ja/os/qubes-overview.md
+++ b/i18n/ja/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## その他の資料
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/ja/tools.md b/i18n/ja/tools.md
index 945c7cf4..058758f0 100644
--- a/i18n/ja/tools.md
+++ b/i18n/ja/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[詳細 :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[詳細 :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[詳細 :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/ja/tor.md b/i18n/ja/tor.md
index 451b3b3d..e41ecd17 100644
--- a/i18n/ja/tor.md
+++ b/i18n/ja/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Torへの接続
-デバイスからTorネットワークに接続する様々な方法がありますが、 デスクトップコンピューターやAndroid用の匿名ブラウジング用に設計された、Firefoxのフォークの**Tor Browser**が最も一般的に使用されています。 In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! ヒント
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+デバイスからTorネットワークに接続する様々な方法がありますが、 デスクトップコンピューターやAndroid用の匿名ブラウジング用に設計された、Firefoxのフォークの**Tor Browser**が最も一般的に使用されています。
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ Tor works by routing your internet traffic through those volunteer-operated serv
Tor Browserはフィンガープリントを防止するよう設計されており、不用意にブラウザの設定を変更するとあなたは特定されやすくなってしまいます。 したがって、デフォルトの[セキュリティーレベル](https://tb-manual.torproject.org/security-settings/)を調整する以外の変更は、**決して**行うべきではありません。
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/ko/advanced/tor-overview.md b/i18n/ko/advanced/tor-overview.md
index bfd967d0..0ddc0efd 100644
--- a/i18n/ko/advanced/tor-overview.md
+++ b/i18n/ko/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor는 무료로 이용 가능한 탈중앙화 네트워크입니
Tor는 무료로 이용 가능한 탈중앙화 네트워크입니다. 최대한 프라이버시를 보호하면서 인터넷을 이용할 수 있도록 설계되었습니다. Tor 네트워크를 올바르게 사용하면 비공개 및 익명 웹 탐색과 커뮤니케이션이 가능합니다.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Clearnet 서비스 경로 구축 방식
클리어넷(Clearnet) 서비스란, 모든 브라우저로 접근 가능한 웹사이트(예시: [privacyguides.org](https://www.privacyguides.org))를 말합니다. 클리어넷 서비스의 동의어로 '표면 웹(Surface Web)'이 쓰이기도 합니다. Tor는 '노드'(혹은 '릴레이')라고 하는 자원 봉사 운영 서버 수천 개로 구성된 네트워크를 통해 트래픽을 라우팅하여, 웹사이트를 익명으로 연결할 수 있도록 합니다.
@@ -76,13 +156,34 @@ Tor를 이용하면 단일 주체에게 전체 경로를 노출하지 않고도
Tor는 강력한 프라이버시를 보장하지만, 완벽하지는 않습니다:
-- 전 세계 대부분의 네트워크 트래픽을 수동적으로 감시하는 능력과 자금을 갖춘 공격자는 고급 트래픽 분석을 통해 Tor 사용자의 익명성을 무효화할 수 있습니다. 또한, Tor는 사용자가 자신의 실수로 신원 정보를 노출하는 것으로부터 보호하지는 못합니다.
-- Tor 출구 노드가 직접 트래픽을 모니터링하고 있을 수도 있습니다. 즉, 일반 HTTP 트래픽 등 암호화되지 않은 트래픽은 기록, 모니터링될 수 있습니다. 암호화되지 않은 트래픽에 개인 식별 정보가 포함된 경우 해당 출구 노드로 사용자의 익명성을 무효화할 수 있습니다. 따라서, Tor에서 HTTPS를 사용할 것을 권장합니다.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor 출구 노드가 직접 트래픽을 모니터링하고 있을 수도 있습니다. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
웹 탐색 용도로 Tor를 이용하고자 하실 경우, 핑거프린팅을 방지하도록 설계된 **공식** Tor 브라우저만 사용하실 것을 권장드립니다.
- [Tor 브라우저 :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## 추가 자료
- [Tor 브라우저 사용자 설명서](https://tb-manual.torproject.org)
diff --git a/i18n/ko/android.md b/i18n/ko/android.md
index 6c4787cc..6cf24ed3 100644
--- a/i18n/ko/android.md
+++ b/i18n/ko/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: 홈페이지](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="프라이버시 정책" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=문서}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="소스 코드" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=기부 }
-
- ??? downloads "다운로드"
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store에서는 익명 계정 기능을 사용해 유료 앱은 다운로
### Manually with RSS Notifications
-GitHub, GitLab 등의 플랫폼에서 릴리즈되는 앱은 [뉴스 애그리게이터](/news-aggregators)에 RSS 피드를 추가해 새로운 릴리즈를 확인할 수 있습니다.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/ko/basics/common-threats.md b/i18n/ko/basics/common-threats.md
index 13ec9d5b..ec1a0d8b 100644
--- a/i18n/ko/basics/common-threats.md
+++ b/i18n/ko/basics/common-threats.md
@@ -39,7 +39,7 @@ description: 위협 모델은 개개인마다 다르지만, 이 사이트의 방
일반적으로 모바일 운영 체제는 데스크톱 운영 체제보다 애플리케이션 샌드박스 기능이 뛰어납니다. 모바일 운영체제에서는 앱이 루트 권한을 얻을 수 없고, 시스템 리소스에 접근하려면 권한이 필요합니다.
- 데스크톱 운영 체제는 보통 적절한 샌드박스 기능 면에서 뒤처집니다. ChromeOS는 Android와 유사한 샌드박스 기능을 제공하며, macOS는 전체 시스템 권한 제어 기능을 제공합니다(개발자는 애플리케이션의 샌드박스를 적용 여부를 선택할 수 있습니다). 하지만 이러한 운영 체제는 식별 정보를 각 OEM에 전송합니다. Linux는 대체로 시스템 공급 업체에 정보를 보내지 않지만, 취약점 및 악성 앱으로부터의 보호 기능은 미흡합니다. 이 문제는 [Qubes OS](../../desktop/#qubes-os) 등, 가상 머신/컨테이너를 적극적으로 사용하도록 특화된 배포판에서는 완화될 수 있습니다.
+ 데스크톱 운영 체제는 보통 적절한 샌드박스 기능 면에서 뒤처집니다. ChromeOS는 Android와 유사한 샌드박스 기능을 제공하며, macOS는 전체 시스템 권한 제어 기능을 제공합니다(개발자는 애플리케이션의 샌드박스를 적용 여부를 선택할 수 있습니다). 하지만 이러한 운영 체제는 식별 정보를 각 OEM에 전송합니다. Linux는 대체로 시스템 공급 업체에 정보를 보내지 않지만, 취약점 및 악성 앱으로부터의 보호 기능은 미흡합니다. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: 표적 공격(Targeted Attacks)
diff --git a/i18n/ko/basics/vpn-overview.md b/i18n/ko/basics/vpn-overview.md
index 0083fcbe..91642e43 100644
--- a/i18n/ko/basics/vpn-overview.md
+++ b/i18n/ko/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## VPN을 사용해야 하나요?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## VPN을 사용하지 말아야 할 때는 언제인가요?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Tor를 사용할 때에도 VPN을 사용해야 하나요?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## 익명성이 필요하다면 어떻게 해야 하나요?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. VPN 대신 [Tor](https://www.torproject.org/)를 사용하세요.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## VPN은 어떤 상황에 유용한가요?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. (영문) Dennis Schubert - [VPN - 매우 위험한 홍보 문구(Very Precarious Narrative)](https://schub.io/blog/2019/04/08/very-precarious-narrative.html)
-1. [Tor 네트워크 개요](../advanced/tor-overview.md)
-1. [(영문) IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. (영문) ["Do I need a VPN?"](https://www.doineedavpn.com)은 IVPN에서 타 VPN 서비스들의 공격적인 마케팅을 저지하기 위해 제작한 사이트로, '자신은 VPN을 사용해야 하는가'를 판단하기 어려운 사람들에게 유용한 사이트입니다.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Tor를 사용할 때에도 VPN을 사용해야 하나요?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## VPN 관련 추가 정보
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [(영문) 무료 VPN 앱 조사 내용](https://www.top10vpn.com/free-vpn-app-investigation/)
- [(영문) 드러나지 않았던 VPN 운영의 실체: 단 23개의 회사가 101개 VPN 제품을 운영하고 있습니다](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [(영문) 인기 앱 24개에 파고들어 위험한 권한을 요구하고 있는 어떤 중국 회사](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- (영문) Dennis Schubert - [VPN - 매우 위험한 홍보 문구(Very Precarious Narrative)](https://schub.io/blog/2019/04/08/very-precarious-narrative.html)
diff --git a/i18n/ko/desktop.md b/i18n/ko/desktop.md
index fef6e2c8..a26b33ad 100644
--- a/i18n/ko/desktop.md
+++ b/i18n/ko/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix는 'Workstation'과 Tor 'Gateway'라는 두 개의 가상 머신으로 구성되어 실행됩니다. Workstation 에서 발생하는 모든 통신은 반드시 Tor Gateway를 통과합니다. 즉, Workstation이 만약 멀웨어에 의해 손상된다 할지라도, 실제 IP 주소는 노출되지 않습니다.
-Whonix는 다양한 기능을 제공합니다. 예시로는 Tor 스트림 격리, [키 입력 익명화](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [암호화 Swap](https://github.com/Whonix/swap-file-creator), 메모리 할당 보안 강화 등이 있습니다.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Whonix 향후 버전에서는 [전체 시스템 AppArmor 정책](https://github.com/Whonix/apparmor-profile-everything), [샌드박스 앱 런처](https://www.whonix.org/wiki/Sandbox-app-launcher) 등 시스템 내 모든 프로세스의 완전한 격리가 추가될 예정입니다.
-
-Whonix는 [Qubes와 결합해 사용하는 것이 가장 뛰어납니다](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). 하지만, Qubes-Whonix는 다른 하이퍼바이저와 비교했을 때 [여러 단점](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) 또한 가지고 있습니다.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/ko/device-integrity.md b/i18n/ko/device-integrity.md
new file mode 100644
index 00000000..7dc2b0ee
--- /dev/null
+++ b/i18n/ko/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger "위험"
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning "경고"
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning "경고"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning "경고"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/ko/os/qubes-overview.md b/i18n/ko/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/ko/os/qubes-overview.md
+++ b/i18n/ko/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/ko/tools.md b/i18n/ko/tools.md
index 20957da9..5dfbd640 100644
--- a/i18n/ko/tools.md
+++ b/i18n/ko/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[자세히 알아보기 :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[자세히 알아보기 :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[자세히 알아보기 :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/ko/tor.md b/i18n/ko/tor.md
index 7d30ea48..71ef34a6 100644
--- a/i18n/ko/tor.md
+++ b/i18n/ko/tor.md
@@ -39,7 +39,15 @@ Tor는 방문하려는 사이트에 직접 연결하는 방식이 아닌, 자원
## Tor 연결하기
-기기에서 Tor 네트워크에 연결하는 방법은 다양합니다. 가장 일반적으로 사용하는 방법은 데스크톱 PC와 Android 용으로 만들어진 **Tor 브라우저**(익명 브라우징을 위해 설계된 Firefox 포크)입니다. 여기에 나열된 앱 외에도, 표준 Tor 브라우저보다 훨씬 더 강력한 보안 및 보호 기능을 제공하는 [Whonix](desktop.md#whonix) + [Qubes OS](desktop.md#qubes-os) 처럼 Tor 네트워크에 연결하도록 특별히 설계된 운영 체제도 존재합니다.
+!!! tip "도움말"
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+기기에서 Tor 네트워크에 연결하는 방법은 다양합니다. 가장 일반적으로 사용하는 방법은 데스크톱 PC와 Android 용으로 만들어진 **Tor 브라우저**(익명 브라우징을 위해 설계된 Firefox 포크)입니다.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor 브라우저
@@ -69,6 +77,8 @@ Tor는 방문하려는 사이트에 직접 연결하는 방식이 아닌, 자원
Tor 브라우저는 핑거프린팅 및 브라우저 설정 기반 사용자 식별을 방지하도록 설계되었습니다. 따라서, 브라우저를 기본 [보안 수준](https://tb-manual.torproject.org/security-settings/)을 벗어나는 수정을 해서는 **안 됩니다**.
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/ku-IQ/advanced/tor-overview.md b/i18n/ku-IQ/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/ku-IQ/advanced/tor-overview.md
+++ b/i18n/ku-IQ/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/ku-IQ/android.md b/i18n/ku-IQ/android.md
index 3051cc98..ca7f88b4 100644
--- a/i18n/ku-IQ/android.md
+++ b/i18n/ku-IQ/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/ku-IQ/basics/common-threats.md b/i18n/ku-IQ/basics/common-threats.md
index e278c0cb..9776a47b 100644
--- a/i18n/ku-IQ/basics/common-threats.md
+++ b/i18n/ku-IQ/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/ku-IQ/basics/vpn-overview.md b/i18n/ku-IQ/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/ku-IQ/basics/vpn-overview.md
+++ b/i18n/ku-IQ/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/ku-IQ/desktop.md b/i18n/ku-IQ/desktop.md
index c2b5515a..5f937ed1 100644
--- a/i18n/ku-IQ/desktop.md
+++ b/i18n/ku-IQ/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/ku-IQ/device-integrity.md b/i18n/ku-IQ/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/ku-IQ/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/ku-IQ/os/qubes-overview.md b/i18n/ku-IQ/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/ku-IQ/os/qubes-overview.md
+++ b/i18n/ku-IQ/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/ku-IQ/tools.md b/i18n/ku-IQ/tools.md
index 3603abf6..cac9bc4c 100644
--- a/i18n/ku-IQ/tools.md
+++ b/i18n/ku-IQ/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/ku-IQ/tor.md b/i18n/ku-IQ/tor.md
index d4293334..49b297da 100644
--- a/i18n/ku-IQ/tor.md
+++ b/i18n/ku-IQ/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/nl/advanced/tor-overview.md b/i18n/nl/advanced/tor-overview.md
index 4a31576e..5d63a87a 100644
--- a/i18n/nl/advanced/tor-overview.md
+++ b/i18n/nl/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is een gratis te gebruiken, gedecentraliseerd netwerk dat is on
Tor is een gratis te gebruiken, gedecentraliseerd netwerk dat is ontworpen om het internet met zoveel mogelijk privacy te gebruiken. Bij correct gebruik maakt het netwerk privé en anoniem browsen en communicatie mogelijk.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Opbouw van het pad naar Clearnet diensten
"Clearnet diensten" zijn websites die je met elke browser kunt bezoeken, zoals [privacyguides.org](https://www.privacyguides.org). Met Tor kun je anoniem verbinding maken met deze websites door je verkeer door een netwerk te leiden dat bestaat uit duizenden vrijwillig gerunde servers die nodes (of relays) worden genoemd.
@@ -76,13 +156,34 @@ Met Tor kunnen we verbinding maken met een server zonder dat een enkele partij h
Hoewel Tor sterke privacygaranties biedt, moet men beseffen dat Tor niet perfect is:
-- Goed gefinancierde tegenstanders met de mogelijkheid om passief het meeste netwerkverkeer over de hele wereld te bekijken, hebben een kans om Tor-gebruikers te deanonimiseren door middel van geavanceerde verkeersanalyse. Tor beschermt je ook niet tegen het per ongeluk blootstellen van jezelf, bijvoorbeeld als je te veel informatie over je echte identiteit deelt.
-- Tor exit nodes kunnen ook het verkeer controleren dat via hen verloopt. Dit betekent dat verkeer dat niet versleuteld is, zoals gewoon HTTP-verkeer, kan worden geregistreerd en gecontroleerd. Als dergelijk verkeer persoonlijk identificeerbare informatie bevat, kan het u deanonimiseren tot dat exit-knooppunt. Daarom raden wij aan waar mogelijk HTTPS over Tor te gebruiken.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes kunnen ook het verkeer controleren dat via hen verloopt. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
Als je Tor wilt gebruiken om op het web te surfen, raden we alleen de **officiële** Tor Browser aan - deze is ontworpen om vingerafdrukken te voorkomen.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Extra bronnen
- [Tor Browser Gebruikershandleiding](https://tb-manual.torproject.org)
diff --git a/i18n/nl/android.md b/i18n/nl/android.md
index 37bc9157..59291229 100644
--- a/i18n/nl/android.md
+++ b/i18n/nl/android.md
@@ -215,39 +215,6 @@ Wij bevelen op deze site een groot aantal Android-apps aan. De hier vermelde app
Wanneer je Shelter gebruikt, stelt je jouw volledige vertrouwen in de ontwikkelaar, aangezien Shelter optreedt als [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) voor het werkprofiel en uitgebreide toegang heeft tot de gegevens die erin zijn opgeslagen.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is een app die hardwarebeveiligingsfuncties gebruikt om de integriteit van het apparaat te bewaken voor [ondersteunde apparaten. Momenteel werkt het alleen met GrapheneOS of het standaard besturingssysteem voor [ondersteunde apparaten](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacybeleid" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentatie}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Broncode" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Bijdragen }
-
- ??? downloads "Downloaden"
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor voert attest en inbraakdetectie uit door:
-
-- Door gebruik te maken van een [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model tussen een *auditor* en *audittee*, stelt het paar een private sleutel op in de [hardwaregebaseerde sleutelbewaarplaats](https://source.android.com/security/keystore/) van de *auditor*.
-- De *auditor* kan een ander exemplaar van de Auditor app zijn of de [Remote Attestation Service](https://attestation.app).
-- De *auditor* registreert de huidige toestand en configuratie van de *auditee*.
-- Mocht er met het besturingssysteem van de *auditee worden geknoeid* nadat de koppeling is voltooid, dan zal de auditor op de hoogte zijn van de verandering in de toestand en de configuraties van het apparaat.
-- Je zult op de hoogte worden gebracht van de wijziging.
-
-Er wordt geen persoonlijk identificeerbare informatie aan de attestatiedienst verstrekt. Wij raden je aan je aan te melden met een anonieme account en attestatie op afstand in te schakelen voor voortdurende controle.
-
-Als jouw [bedreigingsmodel](basics/threat-modeling.md) privacy vereist, kunt je overwegen [Orbot](tor.md#orbot) of een VPN te gebruiken om jouw IP-adres voor de attestatiedienst te verbergen. Om er zeker van te zijn dat jouw hardware en besturingssysteem echt zijn, voert [onmiddellijk na de installatie van het apparaat en vóór elke internetverbinding een lokale attestatie uit:](https://grapheneos.org/install/web#verifying-installation).
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Met de Aurora Store kun je geen betaalde apps downloaden met hun anonieme accoun
### Handmatig met RSS-meldingen
-Voor apps die worden uitgebracht op platforms als GitHub en GitLab, kun je misschien een RSS-feed toevoegen aan je [nieuwsaggregator](/news-aggregators) waarmee je nieuwe releases kunt volgen.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/nl/basics/common-threats.md b/i18n/nl/basics/common-threats.md
index 06a90e65..d58b7124 100644
--- a/i18n/nl/basics/common-threats.md
+++ b/i18n/nl/basics/common-threats.md
@@ -39,7 +39,7 @@ Om de potentiële schade van kwaadaardige software tot een minimum te beperken,
Mobiele besturingssystemen zijn over het algemeen veiliger dan desktopbesturingssystemen als het gaat om sandboxing van toepassingen.
- Apps kunnen geen root-toegang krijgen en hebben alleen toegang tot systeembronnen die je hen verleent. Desktop besturingssystemen lopen over het algemeen achter op het gebied van goede sandboxing. Chrome OS heeft vergelijkbare sandboxing-eigenschappen als Android, en macOS heeft volledige controle over systeemtoestemmingen en opt-in (voor ontwikkelaars) sandboxing voor applicaties, maar deze besturingssystemen geven wel identificerende informatie door aan hun respectieve OEM's. Linux heeft de neiging geen informatie door te geven aan systeemverkopers, maar het heeft een slechte bescherming tegen exploits en kwaadaardige apps. Dit kan enigszins worden ondervangen met gespecialiseerde distributies die veel gebruik maken van virtuele machines of containers, zoals Qubes OS.
+ Apps kunnen geen root-toegang krijgen en hebben alleen toegang tot systeembronnen die je hen verleent. Desktop besturingssystemen lopen over het algemeen achter op het gebied van goede sandboxing. Chrome OS heeft vergelijkbare sandboxing-eigenschappen als Android, en macOS heeft volledige controle over systeemtoestemmingen en opt-in (voor ontwikkelaars) sandboxing voor applicaties, maar deze besturingssystemen geven wel identificerende informatie door aan hun respectieve OEM's. Linux heeft de neiging geen informatie door te geven aan systeemverkopers, maar het heeft een slechte bescherming tegen exploits en kwaadaardige apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Gerichte aanvallen
diff --git a/i18n/nl/basics/vpn-overview.md b/i18n/nl/basics/vpn-overview.md
index 4be018d6..98b2efba 100644
--- a/i18n/nl/basics/vpn-overview.md
+++ b/i18n/nl/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks verleggen het risico van jouw ISP naar een derde partij die je vertrouwt. Je moet deze dingen in gedachten houden.
---
-Virtual Private Networks zijn een manier om het einde van jouw netwerk uit te breiden tot een uitgang ergens anders in de wereld. Een ISP kan de stroom van internetverkeer zien dat jouw netwerkaansluitapparaat (d.w.z. modem) binnenkomt en verlaat.
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryptieprotocollen zoals HTTPS worden algemeen gebruikt op het internet, zodat zij misschien niet precies kunnen zien wat je post of leest, maar zij kunnen wel een idee krijgen van de [domeinen die je opvraagt](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-Een VPN kan helpen omdat het vertrouwen kan verschuiven naar een server ergens anders in de wereld. Het resultaat is dat de ISP dan alleen ziet dat je verbonden bent met een VPN en niets over de activiteit die je erin doorgeeft.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Moet ik een VPN gebruiken?
-**Ja**, tenzij je Tor al gebruikt. Een VPN doet twee dingen: het verschuift de risico's van jouw Internet Service Provider naar zichzelf en het verbergt jouw IP voor een dienst van derden.
-
-VPN's kunnen geen gegevens versleutelen buiten de verbinding tussen jouw toestel en de VPN-server. VPN providers kunnen jouw verkeer zien en wijzigen op dezelfde manier als jouw ISP dat kan. En er is geen enkele manier om het "no logging" beleid van een VPN provider te verifiëren.
-
-Zij verbergen echter wel jouw werkelijke IP-adres voor een dienst van derden, op voorwaarde dat er geen IP-lekken zijn. Ze helpen je op te gaan in anderen en IP-gebaseerde opsporing te beperken.
-
-## Wanneer zou ik geen VPN moeten gebruiken?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Dit kan spam- en fraudedetectiesystemen alarmeren, zoals wanneer je zou inloggen op de website van uw bank.
-
-## Hoe zit het met encryptie?
-
-De encryptie die door VPN-aanbieders wordt aangeboden, bevindt zich tussen jouw apparaten en hun servers. Het garandeert dat deze specifieke link veilig is. Dit is een stap verder dan het gebruik van onversleutelde proxies, waarbij een tegenstander op het netwerk de communicatie tussen jouw apparaten en deze proxies kan onderscheppen en wijzigen. De versleuteling tussen jouw apps of browsers en de dienstverleners wordt echter niet door deze versleuteling afgehandeld.
-
-Om wat je doet op de websites die je bezoekt privé en veilig te houden, moet je HTTPS gebruiken. Dit houdt jouw wachtwoorden, sessietokens en zoekopdrachten veilig voor de VPN-provider. Overweeg om "HTTPS everywhere" in jouw browser in te schakelen om downgrade-aanvallen zoals [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf)tegen te gaan.
-
-## Moet ik versleutelde DNS gebruiken met een VPN?
-
-Tenzij jouw VPN-provider de versleuteldeDNS-servers host, **nee**. Het gebruik van DOH/DOT (of een andere vorm van versleutelde DNS) met servers van derden zal gewoon meer entiteiten toevoegen om te vertrouwen en doet **absoluut niets** om jouw privacy/veiligheid te verbeteren. Jouw VPN-provider kan nog steeds zien welke websites je bezoekt op basis van de IP-adressen en andere methoden. In plaats van alleen jouw VPN-provider te vertrouwen, vertrouwt je nu zowel de VPN-provider als de DNS-provider.
-
-Een veelgehoorde reden om versleutelde DNS aan te bevelen is dat het helpt tegen DNS spoofing. Jouw browser zou echter al moeten controleren op [TLS-certificaten](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) met **HTTPS** en je daarvoor moeten waarschuwen. Als je **HTTPS** niet gebruikt, dan kan een tegenstander nog steeds gewoon iets anders dan jouw DNS-query's wijzigen en zal het eindresultaat weinig anders zijn.
-
-Niet onnodig te zeggen, **dat je geen versleutelde DNS moet gebruiken met Tor**. Dit zou al jouw DNS-verzoeken via één enkel circuit leiden en de gecodeerde DNS-provider in staat stellen je te deanonimiseren.
-
-## Moet ik Tor *gebruiken en* een VPN?
-
-Door een VPN met Tor te gebruiken, creëer je in wezen een permanent toegangsknooppunt, vaak met een geldspoor eraan vast. Dit levert je geen enkel extra voordeel op, terwijl het aanvalsoppervlak van jouw verbinding drastisch wordt vergroot. Als je je Tor gebruik wilt verbergen voor je ISP of je overheid, dan heeft Tor daar een ingebouwde oplossing voor: Tor bridges. [Lees meer over Tor bridges en waarom het gebruik van een VPN niet nodig is](../advanced/tor-overview.md).
-
-## Wat als ik anonimiteit nodig heb?
-
-VPN's kunnen geen anonimiteit bieden. Jouw VPN-provider ziet nog steeds jouw echte IP-adres, en heeft vaak een geldspoor dat direct naar u kan worden teruggeleid. Je kunt niet vertrouwen op een "no logging"-beleid om jouw gegevens te beschermen. Gebruik in plaats daarvan [Tor](https://www.torproject.org/).
-
-## Hoe zit het met VPN providers die Tor nodes aanbieden?
-
-Gebruik die functie niet. Het punt van het gebruik van Tor is dat je je VPN provider niet vertrouwt. Momenteel ondersteunt Tor alleen het [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (gebruikt in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) voor het delen van spraak en video, het nieuwe [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, enz.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) en andere pakketten zullen worden gedropt. Om dit te compenseren, routeren VPN-aanbieders gewoonlijk alle niet-TCP-pakketten via hun VPN-server (je eerste hop). Dit is het geval met [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Bovendien, wanneer je deze Tor over VPN setup gebruikt, heb je geen controle over andere belangrijke Tor functies zoals [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (een ander Tor circuit gebruiken voor elk domein dat je bezoekt).
-
-De functie moet gezien worden als een handige manier om toegang te krijgen tot het Tor Netwerk, niet om anoniem te blijven. Gebruik voor echte anonimiteit de Tor Browser, TorSocks of een Tor gateway.
-
-## Wanneer zijn VPN's nuttig?
-
-Een VPN kan nog steeds nuttig zijn voor je in een aantal scenario's, zoals:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Het verbergen van jouw verkeer van **is alleen** jouw Internet Service Provider.
1. Het verbergen van je downloads (zoals torrents) voor je ISP en anti-piraterij organisaties.
-1. Het verbergen van jouw IP-adres voor websites en diensten van derden, zodat IP-gebaseerde tracering wordt voorkomen.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-Voor dit soort situaties, of als je een andere dwingende reden hebt, zijn de VPN-providers die we hierboven hebben opgesomd volgens ons de meest betrouwbare. Het gebruik van een VPN-provider betekent echter nog steeds dat je *vertrouwt op* de provider. In vrijwel elk ander scenario zou je een veilige **"by-design"** tool zoals Tor moeten gebruiken.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Bronnen en verdere lectuur
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. En er is geen enkele manier om het "no logging" beleid van een VPN provider te verifiëren.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) door Dennis Schubert
-1. [Tor Netwerk Overzicht](../advanced/tor-overview.md)
-1. [IVPN Privacy Gidsen](https://www.ivpn.net/privacy-guides)
-1. ["Heb ik een VPN nodig?"](https://www.doineedavpn.com), een tool ontwikkeld door IVPN om agressieve VPN-marketing uit te dagen door mensen te helpen beslissen of een VPN geschikt is voor hen.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Dit kan spam- en fraudedetectiesystemen alarmeren, zoals wanneer je zou inloggen op de website van uw bank.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. Om wat je doet op de websites die je bezoekt privé en veilig te houden, moet je HTTPS gebruiken. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Moet ik versleutelde DNS gebruiken met een VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Jouw VPN-provider kan nog steeds zien welke websites je bezoekt op basis van de IP-adressen en andere methoden. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. Jouw browser zou echter al moeten controleren op [TLS-certificaten](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) met **HTTPS** en je daarvoor moeten waarschuwen. Als je **HTTPS** niet gebruikt, dan kan een tegenstander nog steeds gewoon iets anders dan jouw DNS-query's wijzigen en zal het eindresultaat weinig anders zijn.
+
+## Moet ik Tor *gebruiken en* een VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. Om dit te compenseren, routeren VPN-aanbieders gewoonlijk alle niet-TCP-pakketten via hun VPN-server (je eerste hop). Dit is het geval met [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Bovendien, wanneer je deze Tor over VPN setup gebruikt, heb je geen controle over andere belangrijke Tor functies zoals [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (een ander Tor circuit gebruiken voor elk domein dat je bezoekt).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Verwante VPN-informatie
@@ -76,3 +112,4 @@ Voor dit soort situaties, of als je een andere dwingende reden hebt, zijn de VPN
- [Gratis VPN-app onderzoek](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Verborgen VPN-eigenaars onthuld: 101 VPN-producten van slechts 23 bedrijven](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [Dit Chinese bedrijf zit in het geheim achter 24 populaire apps die gevaarlijke toestemmingen zoeken](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) door Dennis Schubert
diff --git a/i18n/nl/desktop.md b/i18n/nl/desktop.md
index 8ebf2e65..4a127269 100644
--- a/i18n/nl/desktop.md
+++ b/i18n/nl/desktop.md
@@ -120,11 +120,9 @@ Nix is een source-based package manager; als er geen pre-built beschikbaar is in
Whonix is bedoeld om te draaien als twee virtuele machines: een "Workstation" en een Tor "Gateway" Alle communicatie van het werkstation moet via de Tor-gateway gaan. Dit betekent dat zelfs als het werkstation wordt gecompromitteerd door malware, het ware IP-adres verborgen blijft.
-Enkele van de functies zijn Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), en een hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Toekomstige versies van Whonix zullen waarschijnlijk [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) en een [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) bevatten om alle processen op het systeem volledig in te perken.
-
-Whonix wordt het best gebruikt [in combinatie met Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix heeft diverse [nadelen](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) in vergelijking met andere hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/nl/device-integrity.md b/i18n/nl/device-integrity.md
new file mode 100644
index 00000000..261aa9d6
--- /dev/null
+++ b/i18n/nl/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger "Gevaar"
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/nl/os/qubes-overview.md b/i18n/nl/os/qubes-overview.md
index 2619627b..92caac93 100644
--- a/i18n/nl/os/qubes-overview.md
+++ b/i18n/nl/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. Het is gebouwd bovenop de Xen-bibliotheek *vchan*, die [isolatie vergemakkelijkt door middel van beleid](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Extra bronnen
Voor aanvullende informatie raden wij je aan de uitgebreide Qubes OS documentatie pagina's te raadplegen op de [Qubes OS Website](https://www.qubes-os.org/doc/). Offline kopieën kunnen worden gedownload van het Qubes OS [documentatie archief](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/nl/tools.md b/i18n/nl/tools.md
index 7ea422ae..f6cb8040 100644
--- a/i18n/nl/tools.md
+++ b/i18n/nl/tools.md
@@ -157,6 +157,7 @@ Wij [bevelen](dns.md#recommended-providers) een aantal versleutelde DNS servers
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Meer informatie :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ Wij [bevelen](dns.md#recommended-providers) een aantal versleutelde DNS servers
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ Wij [bevelen](dns.md#recommended-providers) een aantal versleutelde DNS servers
[Meer informatie :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Meer informatie :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/nl/tor.md b/i18n/nl/tor.md
index cf8a9e5b..a504cbaf 100644
--- a/i18n/nl/tor.md
+++ b/i18n/nl/tor.md
@@ -39,7 +39,15 @@ Tor werkt door je internetverkeer om te leiden via deze door vrijwilligers behee
## Verbinding maken met Tor
-Er zijn verschillende manieren om verbinding te maken met het Tor-netwerk vanaf je apparaat. De meest gebruikte is de **Tor Browser**, een fork van Firefox ontworpen voor anoniem browsen voor desktop computers en Android. Naast de onderstaande apps zijn er ook besturingssystemen die speciaal zijn ontworpen om verbinding te maken met het Tor-netwerk, zoals [Whonix](desktop.md#whonix) op [Qubes OS](desktop.md#qubes-os), die nog meer veiligheid en bescherming bieden dan de standaard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+Er zijn verschillende manieren om verbinding te maken met het Tor-netwerk vanaf je apparaat. De meest gebruikte is de **Tor Browser**, een fork van Firefox ontworpen voor anoniem browsen voor desktop computers en Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ Er zijn verschillende manieren om verbinding te maken met het Tor-netwerk vanaf
De Tor Browser is ontworpen om fingerprinting, of het identificeren van jou op basis van je browserconfiguratie, te voorkomen. **Daarom is het absoluut noodzakelijk dat je** de browser niet wijzigt buiten de standaard [beveiligingsniveaus](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/pl/advanced/tor-overview.md b/i18n/pl/advanced/tor-overview.md
index 379f6fe0..5901ce73 100644
--- a/i18n/pl/advanced/tor-overview.md
+++ b/i18n/pl/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Android
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/pl/android.md b/i18n/pl/android.md
index e77c44fc..c1a5d7ad 100644
--- a/i18n/pl/android.md
+++ b/i18n/pl/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! rekomendacja
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! rekomendacja
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### GrapheneOS App Store
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/pl/basics/common-threats.md b/i18n/pl/basics/common-threats.md
index e278c0cb..9776a47b 100644
--- a/i18n/pl/basics/common-threats.md
+++ b/i18n/pl/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/pl/basics/vpn-overview.md b/i18n/pl/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/pl/basics/vpn-overview.md
+++ b/i18n/pl/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/pl/desktop.md b/i18n/pl/desktop.md
index 7c2311dd..385c6c61 100644
--- a/i18n/pl/desktop.md
+++ b/i18n/pl/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/pl/device-integrity.md b/i18n/pl/device-integrity.md
new file mode 100644
index 00000000..2eb2a963
--- /dev/null
+++ b/i18n/pl/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! rekomendacja
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! rekomendacja
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! rekomendacja
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! rekomendacja
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! rekomendacja
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/pl/os/qubes-overview.md b/i18n/pl/os/qubes-overview.md
index 451cebc9..5a4fc46e 100644
--- a/i18n/pl/os/qubes-overview.md
+++ b/i18n/pl/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Android
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/pl/tools.md b/i18n/pl/tools.md
index 6ac4c111..9ac28bd1 100644
--- a/i18n/pl/tools.md
+++ b/i18n/pl/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Dowiedz się więcej :hero-arrow-circle-right-fill:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Dowiedz się więcej :hero-arrow-circle-right-fill:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Dowiedz się więcej :hero-arrow-circle-right-fill:](device-integrity.md)
diff --git a/i18n/pl/tor.md b/i18n/pl/tor.md
index 5722f67f..c087c189 100644
--- a/i18n/pl/tor.md
+++ b/i18n/pl/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! rekomendacja
diff --git a/i18n/pt-BR/advanced/tor-overview.md b/i18n/pt-BR/advanced/tor-overview.md
index b0548594..4ffb5777 100644
--- a/i18n/pt-BR/advanced/tor-overview.md
+++ b/i18n/pt-BR/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor é uma rede descentralizada de uso gratuito, projetada para usa
Tor é uma rede descentralizada de uso gratuito, projetada para usar a Internet com o máximo de privacidade possível. Se usada corretamente, a rede permite navegação e comunicações privadas e anônimas.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Recursos Adicionais
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/pt-BR/android.md b/i18n/pt-BR/android.md
index 9841a226..29470b2f 100644
--- a/i18n/pt-BR/android.md
+++ b/i18n/pt-BR/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store não permite que você baixe aplicativos pagos com o recurso de con
### Manualmente com Notificações RSS
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/pt-BR/basics/common-threats.md b/i18n/pt-BR/basics/common-threats.md
index c3d94837..557936d4 100644
--- a/i18n/pt-BR/basics/common-threats.md
+++ b/i18n/pt-BR/basics/common-threats.md
@@ -39,7 +39,7 @@ Para minimizar os danos que um aplicativo malicioso *pode* causar, você deve us
Sistemas operacionais móveis geralmente têm um isolamento (sandboxing) de aplicativos melhor do que os sistemas operacionais de mesa (desktop): Aplicativos não podem obter acesso à raiz e precisam de permissão para acessar os recursos do sistema.
- Sistemas operacionais de mesa geralmente ficam para trás em termos de isolamento adequado. ChromeOS tem recursos de isolamento semelhantes aos do Android, e o macOS tem controle total de permissões do sistema (e os desenvolvedores podem optar pelo isolamento para aplicativos). No entanto, esses sistemas operacionais transmitem informações de identificação para seus respectivos OEMs. Linux tende a não enviar informações aos fornecedores de sistemas, mas tem pouca proteção contra explorações e aplicativos mal-intencionados. Isso pode ser amenizado de alguma forma com distribuições especializadas que fazem uso significativo de máquinas virtuais ou contêineres, como o [Qubes OS](../../desktop/#qubes-os).
+ Sistemas operacionais de mesa geralmente ficam para trás em termos de isolamento adequado. ChromeOS tem recursos de isolamento semelhantes aos do Android, e o macOS tem controle total de permissões do sistema (e os desenvolvedores podem optar pelo isolamento para aplicativos). No entanto, esses sistemas operacionais transmitem informações de identificação para seus respectivos OEMs. Linux tende a não enviar informações aos fornecedores de sistemas, mas tem pouca proteção contra explorações e aplicativos mal-intencionados. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Ataques Direcionados
diff --git a/i18n/pt-BR/basics/vpn-overview.md b/i18n/pt-BR/basics/vpn-overview.md
index 80c009d5..ed0b3f85 100644
--- a/i18n/pt-BR/basics/vpn-overview.md
+++ b/i18n/pt-BR/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: As Redes Privadas Virtuais transferem o risco do seu ISP para um terceiro em quem você confia. Você deve ter isso em mente.
---
-Redes Privadas Virtuais são uma forma de estender o fim da sua conexão para sair de outro lugar do mundo. Um provedor de serviços de internet (ISP) pode ver o fluxo de tráfego da Internet que entra e sai do seu dispositivo de terminação de rede (por exemplo, o modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Protocolos de criptografia, como o HTTPS, são frequentemente usados na Internet, de modo que eles não consigam ver exatamente o que você está postando ou lendo, mas eles podem ter uma ideia dos [domínios que você solicita](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-Uma VPN pode ajudar, visto que transfere a confiança para um servidor em outro lugar do mundo. Como resultado, seu provedor de Internet só vê que você está conectado a uma VPN e nada sobre a atividade que você está transmitindo através dela.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Devo Usar Uma VPN?
-**Sim**, a menos que você já esteja usando o Tor. Uma VPN faz duas coisas: transfere os riscos do seu Provedor de Serviços de Internet para você mesmo e oculta seu IP de um serviço de terceiros.
-
-VPNs não podem criptografar dados fora da conexão entre o seu dispositivo e o servidor VPN. Provedores de VPN podem ver e modificar seu tráfego da mesma forma que seu provedor de internet pode. E não há nenhuma maneira de verificar as políticas de "não registro" dos provedores de VPN.
-
-No entanto, eles ocultam seu IP real de um serviço de terceiros, desde que não haja vazamentos de IP. Ajudam a misturar-se com os outros e a diminuir o rastreio baseado no IP.
-
-## Quando não deveria usar uma VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Fazê-lo pode acionar sistemas de detecção de fraude e “spam”, como se você logasse no site do seu banco.
-
-## E Quanto à Criptografia?
-
-A criptografia oferecida por provedores de VPN está presente entre seus dispositivos e os servidores deles. Isso garante que esse link específico entre cliente-servidor é seguro. Isso já é um avanço em relação a utilizar “proxies” descriptografados onde um adversário na rede pode interceptar as comunicações entre seus dispositivos e os respectivos “proxies”, modificando-as. No entanto, a criptografia entre seus aplicativos e navegadores com os provedores de serviço não é tratada por essa criptografia.
-
-Para manter realmente privado e seguro o que você faz nos sites que visita, você precisa utilizar HTTPS. Isso irá manter suas senhas, “tokens” de seção, e consultas seguras do seu provedor de VPN. Considere habilitar a opção “HTTPS automático” no seu navegador para mitigar ataques de “downgrade” como o [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Devo usar DNS criptografado com uma VPN?
-
-A menos que seu próprio provedor de VPN hospede os servidores de DNS criptografados, **não**. Usar “DOH/DOT” (ou qualquer outra forma de DNS criptografado) com um servidor terceiro irá simplesmente adicionar mais entidades para confiar e não faz **absolutamente nada** para melhorar sua privacidade/segurança. Seu provedor VPN ainda pode ver quais sites você visita baseado nos seus endereços IP e outros métodos. Ao invés de confiar apenas no seu provedor VPN, você agora estará confiando nele e no provedor DNS escolhido.
-
-Uma razão comum para recomendar DNS criptografado é que ajuda contra a falsificação de DNS (ou “DNS spoofing”). No entanto, seu navegador já deve estar checando por [certificados TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) com **HTTPS** e te informar sobre. Se você não está usando **HTTPS**, então um adversário pode simplesmente modificar qualquer coisa diferente das suas consultas DNS e o resultado será pouco diferente.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Devo usar Tor *e* uma VPN?
-
-Ao usar uma VPN com Tor, você cria essencialmente um node de entrada permanente, geralmente com um rastro de dinheiro anexado. Isso não oferece nenhum benefício adicional para você, enquanto aumenta drasticamente a superfície de ataque da sua conexão. Se você deseja ocultar o uso do Tor do seu ISP ou do governo, o Tor tem uma solução integrada para isso: Tor bridges. [Leia mais sobre Tor bridges e por que não é necessário usar uma VPN](../advanced/tor-overview.md).
-
-## E se eu precisar de anonimato?
-
-As VPNs não podem fornecer anonimato. Seu provedor de VPN ainda verá seu endereço IP real e geralmente possui um rastro de dinheiro que pode ser vinculado diretamente a você. Você não pode confiar em políticas de “no logging” para proteger seus dados. Use [Tor](https://www.torproject.org/) em vez disso.
-
-## E os provedores de VPN que fornecem nós Tor?
-
-Não use esse recurso. O objetivo de usar o Tor é que você não confia no seu provedor de VPN. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## Quando VPNs são úteis?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Fontes e Leituras Adicionais
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. E não há nenhuma maneira de verificar as políticas de "não registro" dos provedores de VPN.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Fazê-lo pode acionar sistemas de detecção de fraude e “spam”, como se você logasse no site do seu banco.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. Para manter realmente privado e seguro o que você faz nos sites que visita, você precisa utilizar HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Devo usar DNS criptografado com uma VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Seu provedor VPN ainda pode ver quais sites você visita baseado nos seus endereços IP e outros métodos. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. No entanto, seu navegador já deve estar checando por [certificados TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) com **HTTPS** e te informar sobre. Se você não está usando **HTTPS**, então um adversário pode simplesmente modificar qualquer coisa diferente das suas consultas DNS e o resultado será pouco diferente.
+
+## Devo usar Tor *e* uma VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Informações Relacionadas a VPN
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Investigação de Aplicativos VPN Gratuitos](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Proprietários Secretos de VPN revelados: 101 produtos VPN operados por apenas 23 empresas](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [Esta empresa chinesa está secretamente por trás de 24 aplicativos populares que pedem permissões perigosas](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/pt-BR/desktop.md b/i18n/pt-BR/desktop.md
index 9d01b2bb..cee56d52 100644
--- a/i18n/pt-BR/desktop.md
+++ b/i18n/pt-BR/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/pt-BR/device-integrity.md b/i18n/pt-BR/device-integrity.md
new file mode 100644
index 00000000..76da114e
--- /dev/null
+++ b/i18n/pt-BR/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/pt-BR/os/qubes-overview.md b/i18n/pt-BR/os/qubes-overview.md
index 05aa2d9e..29f23e2c 100644
--- a/i18n/pt-BR/os/qubes-overview.md
+++ b/i18n/pt-BR/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Recursos Adicionais
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/pt-BR/tools.md b/i18n/pt-BR/tools.md
index e882dc78..2fc006f1 100644
--- a/i18n/pt-BR/tools.md
+++ b/i18n/pt-BR/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Saiba mais :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Saiba mais :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Saiba mais :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/pt-BR/tor.md b/i18n/pt-BR/tor.md
index 05213535..d3eb8343 100644
--- a/i18n/pt-BR/tor.md
+++ b/i18n/pt-BR/tor.md
@@ -39,7 +39,15 @@ O Tor funciona roteando seu tráfego de internet através desses servidores oper
## Conectando-se ao Tor
-Existem várias maneiras de se conectar à rede Tor a partir do seu dispositivo, a mais usada é o **Navegador Tor**, um garfo do Firefox projetado para navegação anônima em computadores e em celulares Android. Além dos aplicativos listados abaixo, também existem sistemas operacionais projetados especificamente para se conectar à rede Tor, como [Whonix](desktop.md#whonix) no [Qubes OS](desktop.md#qubes-os), que proporcionam ainda mais segurança e proteção do que o tradicional Navegador Tor.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+Existem várias maneiras de se conectar à rede Tor a partir do seu dispositivo, a mais usada é o **Navegador Tor**, um garfo do Firefox projetado para navegação anônima em computadores e em celulares Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Navegador Tor
@@ -75,6 +83,8 @@ Existem várias maneiras de se conectar à rede Tor a partir do seu dispositivo,
Este navegador dá acesso às Pontes Tor (Tor Bridges) e a \[Rede Tor\](https://en.wikipedia.org/wiki/Tor_(rede)), juntamente com extensões que podem ser configuradas automaticamente para se adaptarem aos três níveis de segurança propostos - *Standard*, *Safer* e *Safest*. Portanto, é importante que você **não** modifique o navegador fora dos [níveis de segurança disponíveis](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/pt/advanced/tor-overview.md b/i18n/pt/advanced/tor-overview.md
index f0422ed0..7da73ee7 100644
--- a/i18n/pt/advanced/tor-overview.md
+++ b/i18n/pt/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor é uma rede descentralizada e de utilização gratuita, concebi
Tor é uma rede descentralizada e de utilização gratuita, concebida para utilizar a Internet com o máximo de privacidade possível. Se utilizada corretamente, a rede permite a navegação e as comunicações privadas e anónimas.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Construção de caminhos para os serviços Clearnet
Os "serviços Clearnet" são sites a que pode aceder com qualquer browser, como é o caso do [privacyguides.org](https://www.privacyguides.org). O Tor permite-lhe ligar-se a estes sites de forma anónima, encaminhando o seu tráfego através de uma rede composta por milhares de servidores geridos por voluntários, chamados nós (ou relés).
@@ -76,13 +156,34 @@ O Tor permite-nos ligar a um servidor sem que alguma das partes conheça todo o
Embora o Tor ofereça fortes garantias de privacidade, é preciso estar ciente de que ele não é perfeito:
-- Adversários bem financiados, com a capacidade de observar passivamente a maior parte do tráfego de rede em todo o mundo, têm a possibilidade de desanonimizar os utilizadores do Tor através de uma análise de tráfego avançada. O Tor também não o protege de se expor inadvertidamente, como quando partilha demasiadas informações sobre a sua verdadeira identidade.
-- Os nós de saída do Tor também podem monitorizar o tráfego que passa por eles. Isto significa que o tráfego que não está encriptado, como o tráfego HTTP simples, pode ser registado e monitorizado. Se esse tráfego contiver informações de identificação pessoal, pode retirar o anonimato do utilizador para esse nó de saída. Assim, recomendamos a utilização de HTTPS sobre Tor sempre que possível.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Os nós de saída do Tor também podem monitorizar o tráfego que passa por eles. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
Se pretender utilizar o Tor para navegar na Web, recomendamos apenas o browser Tor **oficial** - foi concebido para evitar a recolha de impressões digitais.
- [Browser Tor :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Recursos Adicionais
- [Manual do utilizador do Tor](https://tb-manual.torproject.org)
diff --git a/i18n/pt/android.md b/i18n/pt/android.md
index 6bdc634f..7e09866a 100644
--- a/i18n/pt/android.md
+++ b/i18n/pt/android.md
@@ -219,40 +219,6 @@ Nós recomendamos uma grande variedade de aplicações Android neste sítio web.
Ao utilizar o Shelter, deposita a total confiança no seu programador, uma vez que o Shelter atua como [Device Admin] (https://developer.android.com/guide/topics/admin/device-admin) para criar o Perfil de Trabalho com um acesso alargado aos dados armazenados no Perfil de Trabalho.
-### Auditor
-
-!!! nota
- Consulte o [Tabela de Hardware](https://openwrt.org/toh/start) para verificar se o seu dispositivo é suportado.
-
- { align=right }
- { align=right }
-
- **Auditor** é uma aplicação que tira partido das funcionalidades de segurança do hardware para fornecer monitorização da integridade do dispositivo, validando ativamente a identidade de um dispositivo e a integridade do seu sistema operativo. Atualmente, só funciona com o GrapheneOS ou com o sistema operativo de stock para [dispositivos suportados] (https://attestation.app/about#device-support).
-
- [:octicons-home-16: Página Inicial](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Política de Privacidade" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentação}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Código fonte" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribuir }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-O Auditor efetua a certificação e a deteção de intrusões por:
-
-- Usar um modelo [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) entre um auditor ** e um auditado **, o par estabelece uma chave privada no [keystore suportado por hardware](https://source.android.com/security/keystore/) do *Auditor*.
-- O *auditor* pode ser outra instância da aplicação Auditor ou o [Serviço de Certificação Remota](https://attestation.app).
-- O *auditor* regista o estado e a configuração atuais do *auditado*.
-- Caso ocorra uma adulteração do sistema operativo da entidade *auditada* após a conclusão do emparelhamento, o auditor terá conhecimento da alteração do estado e das configurações do dispositivo.
-- Será alertado para a alteração.
-
-Não são transmitidas ao serviço de atestação quaisquer informações pessoais identificáveis. Recomendamos que se registe com uma conta anónima e que ative o atestado remoto para uma monitorização contínua.
-
-Se o seu [modelo de ameaça](basics/threat-modeling.md) requer privacidade, pode considerar a utilização do [Orbot](tor.md#orbot) ou de uma VPN para ocultar o seu endereço IP do serviço de atestação. Para se certificar de que o seu hardware e sistema operativo são genuínos, realize [uma certificação local](https://grapheneos.org/install/web#verifying-installation) imediatamente após a instalação do dispositivo e antes de qualquer ligação à Internet.
-
### Câmara Segura
!!! nota
@@ -356,7 +322,7 @@ A Aurora Store não permite descarregar aplicações pagas com a sua funcionalid
### Manualmente com notificações RSS
-Para aplicações que são lançadas em plataformas como o GitHub e o GitLab, poderá ser possível adicionar um feed RSS ao seu [agregador de notícias](/news-aggregators) que o ajudará a acompanhar os novos lançamentos.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/pt/basics/common-threats.md b/i18n/pt/basics/common-threats.md
index b19c9f74..9e9c6a26 100644
--- a/i18n/pt/basics/common-threats.md
+++ b/i18n/pt/basics/common-threats.md
@@ -39,7 +39,7 @@ Para minimizar os danos que um software malicioso *pode* causar, deve utilizar a
Os sistemas operativos móveis têm geralmente uma melhor proteção das aplicações do que os sistemas operativos de secretária: as aplicações não podem obter acesso à raiz e necessitam de permissão para aceder aos recursos do sistema.
- Os sistemas operativos para desktop deixam a desejar no que diz respeito a uma adequada proteção. O ChromeOS tem capacidades de sandbox semelhantes às do Android e o macOS tem controlo total das permissões do sistema (e os programadores podem optar pela sandbox para as aplicações). No entanto, estes sistemas operativos transmitem informações de identificação aos respectivos OEMs. O Linux tende a não enviar informações aos fornecedores de sistemas, mas tem uma fraca proteção contra exploits e aplicações maliciosas. Isto pode ser mitigado de alguma forma com distribuições especializadas que fazem uso significativo de máquinas virtuais ou contentores, como o [Qubes OS](../../desktop/#qubes-os).
+ Os sistemas operativos para desktop deixam a desejar no que diz respeito a uma adequada proteção. O ChromeOS tem capacidades de sandbox semelhantes às do Android e o macOS tem controlo total das permissões do sistema (e os programadores podem optar pela sandbox para as aplicações). No entanto, estes sistemas operativos transmitem informações de identificação aos respectivos OEMs. O Linux tende a não enviar informações aos fornecedores de sistemas, mas tem uma fraca proteção contra exploits e aplicações maliciosas. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Ataques direcionados
diff --git a/i18n/pt/basics/vpn-overview.md b/i18n/pt/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/pt/basics/vpn-overview.md
+++ b/i18n/pt/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/pt/desktop.md b/i18n/pt/desktop.md
index e15aff49..2217ae20 100644
--- a/i18n/pt/desktop.md
+++ b/i18n/pt/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-As futuras versões da Whonix provavelmente incluirão [políticas completas do sistema Apparmor](https://github.com/Whonix/apparmor-profile-everything) e um [lançador de aplicativos sandbox](https://www.whonix.org/wiki/Sandbox-app-launcher) para confinar totalmente todos os processos no sistema.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Whonix é melhor usado [em conjunto com Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers).
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Caudas
diff --git a/i18n/pt/device-integrity.md b/i18n/pt/device-integrity.md
new file mode 100644
index 00000000..6f445524
--- /dev/null
+++ b/i18n/pt/device-integrity.md
@@ -0,0 +1,228 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! Isto permite-nos fornecer recomendações completamente objectivas. Desenvolvemos um conjunto claro de requisitos para qualquer provedor de VPN que deseje ser recomendado, incluindo criptografia forte, auditorias de segurança independentes, tecnologia moderna, e muito mais.
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! nota
+Consulte o Tabela de Hardware para verificar se o seu dispositivo é suportado.
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! Recomendamos que você verifique o documentação de Yubico sobre como configurar isso.
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! nota
+Consulte o Tabela de Hardware para verificar se o seu dispositivo é suportado.
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! Recomendamos que você verifique o documentação de Yubico sobre como configurar isso.
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! nota
+Consulte o Tabela de Hardware para verificar se o seu dispositivo é suportado.
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! Recomendamos que você verifique o documentação de Yubico sobre como configurar isso.
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! nota
+Consulte o Tabela de Hardware para verificar se o seu dispositivo é suportado.
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! nota
+Consulte o Tabela de Hardware para verificar se o seu dispositivo é suportado.
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/pt/os/qubes-overview.md b/i18n/pt/os/qubes-overview.md
index a173a22d..820a7d80 100644
--- a/i18n/pt/os/qubes-overview.md
+++ b/i18n/pt/os/qubes-overview.md
@@ -49,6 +49,22 @@ Recomendamos armazenar uma chave de recuperação local em um local seguro, em v
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Recursos Adicionais
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/pt/tools.md b/i18n/pt/tools.md
index e99af959..318341a5 100644
--- a/i18n/pt/tools.md
+++ b/i18n/pt/tools.md
@@ -157,6 +157,7 @@ Com base em vários critérios, [recomendamos](dns.md#recommended-providers) uma
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Saiba mais :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ Recomendamos armazenar uma chave de recuperação local em um local seguro, em v
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ Recomendamos armazenar uma chave de recuperação local em um local seguro, em v
[Saiba mais :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Saiba mais :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/pt/tor.md b/i18n/pt/tor.md
index 944745a1..c61a95f2 100644
--- a/i18n/pt/tor.md
+++ b/i18n/pt/tor.md
@@ -39,7 +39,16 @@ O Tor encaminha o seu tráfego de Internet através destes servidores operados p
## Ligar ao Tor
-Existem várias formas de se ligar à rede Tor a partir do seu dispositivo, sendo a mais utilizada o **Navegador Tor**, um fork do Firefox concebido para navegação anónima em computadores desktop e em dispositivos Android. Para além das aplicações abaixo listadas, existem também sistemas operativos concebidos especificamente para se ligarem à rede Tor, como o [Whonix](desktop.md#whonix) em [Qubes OS](desktop.md#qubes-os), que fornecem ainda mais segurança e proteções do que o browser Tor padrão.
+!!! aviso
+ Backup `BitLocker-Recovery-Key.txt` em um dispositivo de armazenamento separado.
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+Existem várias formas de se ligar à rede Tor a partir do seu dispositivo, sendo a mais utilizada o **Navegador Tor**, um fork do Firefox concebido para navegação anónima em computadores desktop e em dispositivos Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Browser Tor
@@ -70,6 +79,8 @@ Existem várias formas de se ligar à rede Tor a partir do seu dispositivo, send
O Tor foi concebido para evitar a recolha de impressões digitais, ou a sua identificação com base na configuração. Por esse motivo, é imperativo que **não** modifique o browser para além dos níveis de segurança predefinidos [](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! nota
diff --git a/i18n/ru/advanced/tor-overview.md b/i18n/ru/advanced/tor-overview.md
index df23689e..4ca356da 100644
--- a/i18n/ru/advanced/tor-overview.md
+++ b/i18n/ru/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor - это бесплатная в использовании д
Tor - это бесплатная в использовании децентрализованная сеть, разработанная для использования интернета с максимально возможной степенью конфиденциальности. При правильном использовании сеть позволяет осуществлять частный и анонимный браузинг и общение.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Построение пути к сервисам Clearnet
"Сервисы Clearnet" - это веб-сайты, доступ к которым можно получить с помощью любого браузера, например [privacyguides.org](https://www.privacyguides.org). Tor позволяет вам анонимно подключаться к этим сайтам, направляя ваш трафик через сеть, состоящую из тысяч, управляемых волонтёрами, серверов, которые называются узлами (или ретрансляторами).
@@ -76,13 +156,34 @@ Tor позволяет нам подключаться к серверу так,
Хотя Tor обеспечивает надежные гарантии конфиденциальности, следует помнить, что Tor не совершенен:
-- Хорошо финансируемые противники, способные пассивно следить за большинством сетевого трафика по всему миру, имеют шанс деанонимизировать пользователей Tor с помощью продвинутого анализа трафика. Tor также не защищает вас от саморазоблачения по ошибке, например, если вы поделитесь слишком большой информацией о своей настоящей личности.
-- Выходные узлы Tor также могут отслеживать проходящий через них трафик. Это означает, что трафик, который не зашифрован, например, обычный трафик HTTP, можно записывать и отслеживать. Если такой трафик содержит персонально идентифицируемую информацию, то он может деанонимизировать вас для этого выходного узла. Таким образом, мы рекомендуем использовать HTTPS через Tor, где это возможно.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Выходные узлы Tor также могут отслеживать проходящий через них трафик. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
Если вы хотите использовать Tor для просмотра веб-страниц, мы рекомендуем только **официальный ** Tor Browser - он разработан для предотвращения цифровых отпечатков.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Дополнительные советы
- [Руководство пользователя Tor Browser](https://tb-manual.torproject.org)
diff --git a/i18n/ru/android.md b/i18n/ru/android.md
index f7ac8786..25ffe2bc 100644
--- a/i18n/ru/android.md
+++ b/i18n/ru/android.md
@@ -215,39 +215,6 @@ Google Pixel phones use a TEE OS called Trusty which is [open source](https://so
Используя Shelter, вы полностью доверяете его разработчику, поскольку Shelter действует как [администратор устройства](https://developer.android.com/guide/topics/admin/device-admin) для создания рабочего профиля и имеет широкий доступ к данным, хранящимся в рабочем профиле.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** - это приложение, использующее функции аппаратной безопасности для обеспечения контроля целостности устройства путем активного подтверждения личности устройства и целостности его операционной системы. В настоящее время оно работает только с GrapheneOS или стоковой операционной системой для [поддерживаемых устройств](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Домашняя страница](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Политика конфиденциальности" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Документация}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Исходный код" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Поддержать }
-
- ??? downloads "Скачать"
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor осуществляет аттестацию и обнаружение вторжений путем:
-
-- Использования модели [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) между *аудитором* и *аудируемым*, пара устанавливает приватныйключ в [аппаратное хранилище ключей](https://source.android.com/security/keystore/) *Auditor*.
-- *Аудитором* может быть либо другой экземпляр приложения Auditor, либо [Remote Attestation Service](https://attestation.app).
-- *Аудитор* записывает текущее состояние и конфигурацию *аудируемого* девайса.
-- Если операционная система *аудируемого* девайса изменяется после завершения сопряжения, аудитор заметит изменения в состоянии и конфигурации устройства.
-- Вы получите уведомление об изменении.
-
-В службу аттестации не передается информация, позволяющая установить личность. Мы рекомендуем вам зарегистрироваться с анонимной учетной записью и включить удаленную аттестацию для постоянного мониторинга.
-
-Если ваша [модель угроз](basics/threat-modeling.md) требует конфиденциальности, вы можете рассмотреть возможность использования [Orbot](tor.md#orbot) или VPN, чтобы скрыть свой IP-адрес от службы аттестации. Чтобы убедиться в подлинности оборудования и операционной системы, [проведите локальную аттестацию](https://grapheneos.org/install/web#verifying-installation) сразу после настройки устройства и до подключения к Интернету.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store не позволяет загружать платные прил
### Вручную с помощью уведомлений RSS
-Для приложений, которые выпускаются на таких платформах, как GitHub и GitLab, вы можете добавить RSS-ленту в свой [агрегатор новостей](/news-aggregators), которая поможет вам отслеживать новые релизы.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/ru/basics/common-threats.md b/i18n/ru/basics/common-threats.md
index becdb615..2c681ca3 100644
--- a/i18n/ru/basics/common-threats.md
+++ b/i18n/ru/basics/common-threats.md
@@ -39,7 +39,7 @@ description: Модель угрозы уникальна для каждого,
Мобильные операционные системы, как правило, имеют лучшую "песочницу" для приложений, чем настольные операционные системы: приложения не могут получить root-доступ и требуют разрешения на доступ к системным ресурсам.
- Настольные операционные системы, как правило, отстают по части надлежащей "песочницы". ChromeOS имеет возможности "песочницы", аналогичные Android, а macOS имеет полный контроль системных разрешений (и разработчики могут отказаться от "песочницы" для приложений). Однако эти операционные системы передают идентифицирующую информацию своим соответствующим OEM-производителям. Linux, как правило, не предоставляет информацию поставщикам систем, но имеет слабую защиту от эксплойтов и вредоносных приложений. Это можно несколько смягчить с помощью специализированных дистрибутивов, которые в значительной степени используют виртуальные машины или контейнеры, например [Qubes OS](../../desktop/#qubes-os).
+ Настольные операционные системы, как правило, отстают по части надлежащей "песочницы". ChromeOS имеет возможности "песочницы", аналогичные Android, а macOS имеет полный контроль системных разрешений (и разработчики могут отказаться от "песочницы" для приложений). Однако эти операционные системы передают идентифицирующую информацию своим соответствующим OEM-производителям. Linux, как правило, не предоставляет информацию поставщикам систем, но имеет слабую защиту от эксплойтов и вредоносных приложений. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Целевые атаки
diff --git a/i18n/ru/basics/vpn-overview.md b/i18n/ru/basics/vpn-overview.md
index 4ae9050d..d4984918 100644
--- a/i18n/ru/basics/vpn-overview.md
+++ b/i18n/ru/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Виртуальные частные сети переносят риск от вашего провайдера на третью сторону, которой вы доверяете. Вам следует помнить об этих вещах.
---
-Виртуальные частные сети - это способ перенести выход вашей сети куда-либо в мире. Провайдер может видеть поток интернет-трафика, входящего и выходящего сетевого устройства (т.е. модема).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-В интернете широко используются протоколы шифрования, такие как HTTPS, поэтому интернет-провайдеры не могут видеть, что именно вы публикуете или читаете, но они могут получить представление о [посещаемых вами доменах](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-VPN может помочь, поскольку он может сместить доверие на сервер в другой точке мира. В результате провайдер видит только то, что вы подключены к VPN, и ничего о деятельности, которую вы проводите через VPN.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note "Примечание"
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Следует ли мне использовать VPN?
-**Да**, если только вы уже не используете Tor. VPN делает две вещи: перенимает риски с вашего интернет-провайдера на себя и скрывает ваш IP от сторонних служб.
-
-VPN не могут шифровать данные за пределами соединения между вашим устройством и VPN-сервером. Провайдеры VPN могут видеть и изменять ваш трафик так же, как и ваш интернет-провайдер. И нет никакого способа проверить политику VPN-провайдера "без ведения логов".
-
-Однако они скрывают ваш реальный IP от сторонних служб, если нет утечки IP-адресов. Они помогают вам слиться с окружающими и смягчают отслеживание по IP-адресу.
-
-## Когда мне не следует использовать VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Это может привести к срабатыванию систем обнаружения спама и мошенничества, например, если вы зашли на сайт своего банка.
-
-## А как насчет шифрования?
-
-Шифрование, предлагаемое провайдерами VPN, осуществляется между вашими устройствами и их серверами. Это гарантирует, что данная конкретная связь безопасна. Это шаг вперед от использования незашифрованных прокси-серверов, где сетевой противник может перехватить коммуникацию между вашими устройствами и указанными прокси-серверами и изменить её. Однако шифрование между вашими приложениями/браузерами и поставщиками услуг не обрабатывается этим шифрованием.
-
-Чтобы сохранить конфиденциальность и безопасность того, что вы делаете на посещаемых вами сайтах, необходимо использовать HTTPS. Это позволит сохранить ваши пароли, токены сессии и запросы в безопасности от провайдера VPN. Рассмотрите возможность включения "только HTTPS" в вашем браузере для смягчения атак, таких как [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Нужно ли мне использовать зашифрованный DNS вместе с VPN?
-
-Если ваш VPN-провайдер не хостит собственные зашифрованные DNS-серверы, то **нет**. Использование DOH/DOT (или любой другой формы зашифрованного DNS) со сторонними серверами просто добавит еще больше объектов для доверия и не сделает **абсолютно ничего** для улучшения вашей конфиденциальности/безопасности. Ваш провайдер VPN все еще может видеть, какие сайты вы посещаете, основываясь на IP-адресах и других методах. Вместо того чтобы доверять только своему VPN-провайдеру, теперь вы доверяете и VPN-провайдеру, и DNS-провайдеру.
-
-Распространенная причина для рекомендации зашифрованного DNS заключается в том, что он помогает противостоять подделке DNS. Однако ваш браузер уже должен проверять наличие [TLS сертификатов](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) с **HTTPS** и предупреждать вас об этом. Если вы не используете **HTTPS**, то злоумышленник все равно может просто модифицировать что угодно, кроме ваших DNS-запросов, и конечный результат будет немного отличаться.
-
-Само собой разумеется, **не следует использовать зашифрованные DNS с Tor**. Это позволит направить все ваши DNS-запросы через единую цепь и даст возможность провайдеру DNS с шифрованием деанонимизировать вас.
-
-## Следует ли мне использовать Tor *и* VPN?
-
-Используя VPN с Tor, вы создаете, по сути, постоянный входной узел, часто с привязкой к денежному следу. Это не дает вам никаких дополнительных преимуществ, но при этом значительно увеличивает поверхность атаки вашего соединения. Если вы хотите скрыть использование Tor от провайдера или правительства, в Tor есть встроенное решение для этого: мосты Tor. [Подробнее о мостах Tor и о том, почему использование VPN необязательно](../advanced/tor-overview.md).
-
-## А если мне нужна анонимность?
-
-VPN не могут обеспечить анонимность. Ваш VPN-провайдер все равно будет видеть ваш реальный IP-адрес, и часто у него есть денежный след, который может быть связан непосредственно с вами. Вы не можете полагаться на политику "никаких логов" для защиты своих данных. Вместо этого используйте [Tor](https://www.torproject.org/).
-
-## Как насчет VPN-провайдеров, которые предоставляют узлы Tor?
-
-Не используйте эту функцию. Смысл использования Tor заключается в том, что вы не доверяете своему VPN-провайдеру. В настоящее время Tor поддерживает только протокол [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol). [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (используется в [WebRTC](https://en.wikipedia.org/wiki/WebRTC) для обмена голосом и видео, новом [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) протоколе и т.д.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) и другие пакеты будут отброшены. Чтобы компенсировать это, провайдеры VPN обычно направляют все пакеты, не относящиеся к TCP, через свой VPN-сервер (первый путь вашего трафика). Это случай с [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Кроме того, при использовании функции Tor через VPN вы не сможете контролировать другие важные функции Tor, например [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (использование отдельной цепи Tor для каждого посещаемого вами домена).
-
-Эту функцию следует рассматривать как удобный способ доступа к сети Tor, а не для сохранения анонимности. Для обеспечения анонимности используйте браузер Tor, TorSocks или шлюз Tor.
-
-## Когда VPN полезны?
-
-VPN может оказаться полезным для вас в различных сценариях, например:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Скрывать ваш трафик **только** от вашего интернет-провайдера.
1. Скрывать ваши загрузки (например, торренты) от провайдера и антипиратских организаций.
-1. Скрывать ваш IP от сторонних веб-сайтов и служб, предотвращение отслеживания на основе IP.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-Для подобных ситуаций, или если у вас есть другая веская причина, VPN-провайдеры, перечисленные выше, по нашему мнению, являются наиболее надежными. Однако использование VPN-провайдера все равно означает, что вы *доверяете* провайдеру. В практически любом другом сценарии вы должны использовать безопасный**-по-дизайну** инструмент, такой как Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Источники и дополнительное чтение
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. И нет никакого способа проверить политику VPN-провайдера "без ведения логов".
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Это может привести к срабатыванию систем обнаружения спама и мошенничества, например, если вы зашли на сайт своего банка.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. Чтобы сохранить конфиденциальность и безопасность того, что вы делаете на посещаемых вами сайтах, необходимо использовать HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Нужно ли мне использовать зашифрованный DNS вместе с VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Ваш провайдер VPN все еще может видеть, какие сайты вы посещаете, основываясь на IP-адресах и других методах. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. Однако ваш браузер уже должен проверять наличие [TLS сертификатов](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) с **HTTPS** и предупреждать вас об этом. Если вы не используете **HTTPS**, то злоумышленник все равно может просто модифицировать что угодно, кроме ваших DNS-запросов, и конечный результат будет немного отличаться.
+
+## Следует ли мне использовать Tor *и* VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. Чтобы компенсировать это, провайдеры VPN обычно направляют все пакеты, не относящиеся к TCP, через свой VPN-сервер (первый путь вашего трафика). Это случай с [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Кроме того, при использовании функции Tor через VPN вы не сможете контролировать другие важные функции Tor, например [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (использование отдельной цепи Tor для каждого посещаемого вами домена).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Связанная информация о VPN
@@ -76,3 +112,4 @@ VPN может оказаться полезным для вас в различ
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/ru/desktop.md b/i18n/ru/desktop.md
index 609de0ed..b99c876e 100644
--- a/i18n/ru/desktop.md
+++ b/i18n/ru/desktop.md
@@ -120,11 +120,9 @@ Nix - это менеджер пакетов на основе исходных
Whonix предназначен для запуска в виде двух виртуальных машин: "Рабочая" и "Шлюз Tor." Все соединения рабочей станции должны проходить через шлюз Tor. Это означает, даже если рабочая станция будет скомпрометирована каким-либо вредоносным ПО, настоящий IP-адрес останется скрытым.
-Некоторые из его возможностей включают изоляцию потока Tor, [анонимизацию нажатия клавиш](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [зашифрованный swap](https://github.com/Whonix/swap-file-creator), а также усиленный распределитель памяти.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Будущие версии Whonix, вероятно, будут включать [полные системные политики AppArmor](https://github.com/Whonix/apparmor-profile-everything) и [программу запуска приложений в песочнице](https://www.whonix.org/wiki/Sandbox-app-launcher) для полного ограничения всех процессов в системе.
-
-Whonix лучше всего использовать [в сочетании с Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix имеет различные [недостатки](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) по сравнению с другими гипервизорами.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/ru/device-integrity.md b/i18n/ru/device-integrity.md
new file mode 100644
index 00000000..921fb053
--- /dev/null
+++ b/i18n/ru/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! recommendation
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning "Осторожно"
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning "Осторожно"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning "Осторожно"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/ru/os/qubes-overview.md b/i18n/ru/os/qubes-overview.md
index a4fcfa20..7cdeab30 100644
--- a/i18n/ru/os/qubes-overview.md
+++ b/i18n/ru/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. Он построен на базе библиотеки Xen *vchan*, которая обеспечивает изоляцию [с помощью политик](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Дополнительные советы
Для получения дополнительной информации мы рекомендуем вам обратиться к обширной документации Qubes OS, расположенной на сайте [Qubes OS Website](https://www.qubes-os.org/doc/). Офлайн копии можно загрузить из [репозитория документации](https://github.com/QubesOS/qubes-doc) Qubes OS.
diff --git a/i18n/ru/tools.md b/i18n/ru/tools.md
index 9210c4ab..110a0357 100644
--- a/i18n/ru/tools.md
+++ b/i18n/ru/tools.md
@@ -157,6 +157,7 @@ description: Privacy Guides - это самый прозрачный и наде
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Узнать больше :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ description: Privacy Guides - это самый прозрачный и наде
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ description: Privacy Guides - это самый прозрачный и наде
[Узнать больше :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Узнать больше :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/ru/tor.md b/i18n/ru/tor.md
index c4ff8110..4e30948b 100644
--- a/i18n/ru/tor.md
+++ b/i18n/ru/tor.md
@@ -39,7 +39,15 @@ Tor работает, направляя твой трафик через эти
## Подключение к Tor
-Существует множество способов подключения к сети Tor с твоего устройства, наиболее распространенным из которых является **Tor Browser**, форк Firefox, предназначенный для анонимного просмотра веб-страниц на настольных компьютерах и Android. Помимо перечисленных ниже приложений, существуют также операционные системы, разработанные специально для подключения к сети Tor, такие как [Whonix](desktop.md#whonix) или [Qubes OS](desktop.md#qubes-os), которые обеспечивают еще большую безопасность и защиту, чем стандартный Tor Browser.
+!!! tip "Совет"
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+Существует множество способов подключения к сети Tor с твоего устройства, наиболее распространенным из которых является **Tor Browser**, форк Firefox, предназначенный для анонимного просмотра веб-страниц на настольных компьютерах и Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ Tor работает, направляя твой трафик через эти
Браузер Tor предназначен для предотвращения "отпечатков браузера", или идентификации тебя на основе конфигурации твоего браузера. Поэтому крайне важно, чтобы ты **не** изменял браузер, помимо установленных по умолчанию [уровней безопасности](https://tb-manual.torproject.org/ru/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/sv/advanced/tor-overview.md b/i18n/sv/advanced/tor-overview.md
index 00c51ec6..a123abae 100644
--- a/i18n/sv/advanced/tor-overview.md
+++ b/i18n/sv/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor är ett decentraliserat nätverk som är gratis att använda oc
Tor är ett decentraliserat nätverk som är gratis att använda och som är utformat för att använda internet med så mycket integritet som möjligt. Om nätverket används på rätt sätt möjliggör det privat och anonym surfning och kommunikation.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Välfinansierade motståndare som har möjlighet att passivt övervaka den mesta nätverkstrafiken över hela världen har en chans att avanonymisera Tor-användare med hjälp av avancerad trafikanalys. Tor skyddar dig inte heller från att avslöja dig själv av misstag, till exempel om du delar för mycket information om din verkliga identitet.
-- Tor-utgångsnoderna kan också övervaka trafiken som passerar genom dem. Detta innebär att trafik som inte är krypterad, såsom vanlig HTTP-trafik, kan registreras och övervakas. Om sådan trafik innehåller personligt identifierbar information kan den avanonymisera dig till den utgångsnoden. Därför rekommenderar vi att du använder https över Tor där det är möjligt.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor-utgångsnoderna kan också övervaka trafiken som passerar genom dem. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
Om du vill använda Tor för att surfa på webben rekommenderar vi endast den officiella **** Tor Browser - den är utformad för att förhindra fingeravtryck.
- [Läs mer :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Ytterligare resurser
- [Användarhandbok för Tor Browser](https://tb-manual.torproject.org)
diff --git a/i18n/sv/android.md b/i18n/sv/android.md
index 2e17df87..5874002b 100644
--- a/i18n/sv/android.md
+++ b/i18n/sv/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/sv/basics/common-threats.md b/i18n/sv/basics/common-threats.md
index d01dc000..04f36b36 100644
--- a/i18n/sv/basics/common-threats.md
+++ b/i18n/sv/basics/common-threats.md
@@ -39,7 +39,7 @@ För att minimera den skada som en skadlig programvara ** kan orsaka bör du anv
Mobila operativsystem har i allmänhet bättre applikationssandlåda än stationära operativsystem: Appar kan inte få root-åtkomst och kräver tillstånd för åtkomst till systemresurser.
- Skrivbordsoperativsystem släpar i allmänhet efter vid korrekt sandlåda. ChromeOS har liknande sandlådor som Android och macOS har fullständig kontroll över systembehörigheter (och utvecklare kan välja att sandlådor ska användas för program). Dessa operativsystem överför dock identifieringsinformation till sina respektive OEM-tillverkare. Linux tenderar att inte lämna information till systemleverantörer, men har dåligt skydd mot exploateringar och skadliga program. Detta kan mildras något med specialiserade distributioner som i stor utsträckning använder sig av virtuella maskiner eller behållare, såsom [Qubes OS](../../desktop/#qubes-os).
+ Skrivbordsoperativsystem släpar i allmänhet efter vid korrekt sandlåda. ChromeOS har liknande sandlådor som Android och macOS har fullständig kontroll över systembehörigheter (och utvecklare kan välja att sandlådor ska användas för program). Dessa operativsystem överför dock identifieringsinformation till sina respektive OEM-tillverkare. Linux tenderar att inte lämna information till systemleverantörer, men har dåligt skydd mot exploateringar och skadliga program. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Riktade attacker
diff --git a/i18n/sv/basics/vpn-overview.md b/i18n/sv/basics/vpn-overview.md
index d315a78d..e0f0a52a 100644
--- a/i18n/sv/basics/vpn-overview.md
+++ b/i18n/sv/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtuella privata nätverk är ett sätt att förlänga slutet av ditt nätverk till en utgång någon annanstans i världen. En internetleverantör kan se flödet av internettrafik som kommer in i och ut ur din nätverksavslutningsenhet (dvs. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-En VPN kan hjälpa dig eftersom den kan flytta förtroendet till en server någon annanstans i världen. ISP: n ser då bara att du är ansluten till en VPN och ingenting om den aktivitet som du skickar in i den.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! anmärkning
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Ska jag använda en VPN?
-**Ja**, om du inte redan använder Tor. En VPN gör två saker: den flyttar riskerna från din Internetleverantör till sig själv och döljer din IP för en tredjepartstjänst.
-
-VPN-tjänster kan inte kryptera data utanför anslutningen mellan din enhet och VPN-servern. VPN-leverantörer kan se och ändra din trafik på samma sätt som din internetleverantör. Och det finns inget sätt att verifiera en VPN-leverantörs policy om "ingen loggning" på något sätt.
-
-De döljer dock din faktiska IP-adress för en tredjepartstjänst, förutsatt att det inte finns några IP-läckor. De hjälper dig att smälta in bland andra och minskar IP-baserad spårning.
-
-## När ska jag inte använda en VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Om du gör det kan det utlösa system för att upptäcka skräppost och bedrägerier, till exempel om du skulle logga in på din banks webbplats.
-
-## Hur är det med kryptering?
-
-Den kryptering som erbjuds av VPN-leverantörer sker mellan dina enheter och deras servrar. Det garanterar att den specifika länken är säker. Detta är ett steg upp från att använda okrypterade proxies där en motståndare i nätverket kan avlyssna kommunikationen mellan dina enheter och proxies och ändra den. Kryptering mellan dina appar eller webbläsare och tjänsteleverantörerna hanteras dock inte av denna kryptering.
-
-För att det du gör på de webbplatser du besöker ska vara privat och säkert måste du använda HTTPS. Detta kommer att hålla dina lösenord, sessionstoken och frågor säkra från VPN-leverantören. Överväg att aktivera "HTTPS everywhere" i webbläsaren för att förhindra nedgraderingsattacker som [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Ska jag använda krypterad DNS med en VPN?
-
-Om inte din VPN-leverantör är värd för de krypterade DNS-servrarna finns **ingen**. Att använda DOH/DOT (eller någon annan form av krypterad DNS) med servrar från tredje part innebär helt enkelt att fler enheter måste lita på och gör **absolut ingenting** för att förbättra din integritet/säkerhet. Din VPN-leverantör kan fortfarande se vilka webbplatser du besöker baserat på IP-adresser och andra metoder. I stället för att bara lita på din VPN-leverantör litar du nu på både VPN-leverantören och DNSleverantören.
-
-Ett vanligt skäl att rekommendera krypterad DNS är att det hjälper mot DNS-spoofing. Din webbläsare bör dock redan kontrollera om [TLS-certifikat](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) med **HTTPS** och varna dig för det. Om du inte använder **HTTPS**kan en motståndare fortfarande ändra allt annat än dina DNS-frågor och slutresultatet blir inte mycket annorlunda.
-
-Självfallet bör du **inte använda krypterad DNS med Tor**. Detta skulle leda alla dina DNS-förfrågningar genom en enda krets och göra det möjligt för den krypterade DNS-leverantören att avanonymisera dig.
-
-## Ska jag använda Tor *och* en VPN?
-
-Genom att använda en VPN med Tor skapar du i princip en permanent ingångsnod, ofta med en pengastig kopplad till den. Detta ger inga ytterligare fördelar för dig, samtidigt som angreppsytan för din anslutning ökar dramatiskt. Om du vill dölja din användning av Tor för din internetleverantör eller din regering har Tor en inbyggd lösning för detta: Tor bridges. [Läs mer om Tor bridges och varför det inte är nödvändigt att använda en VPN](../advanced/tor-overview.md).
-
-## Vad händer om jag behöver anonymitet?
-
-VPN-tjänster kan inte ge anonymitet. Din VPN-leverantör ser fortfarande din riktiga IP-adress och har ofta ett pengaspår som kan kopplas direkt till dig. Du kan inte förlita dig på att policyer för "ingen loggning" skyddar dina uppgifter. Använd istället [Tor](https://www.torproject.org/).
-
-## Hur är det med VPN-leverantörer som tillhandahåller Tor-noder?
-
-Använd inte den här funktionen. Poängen med att använda Tor är att du inte litar på din VPN-leverantör. För närvarande stöder Tor endast [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) -protokollet. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. För att kompensera för detta dirigerar VPN-leverantörer vanligtvis alla paket som inte är TCP-paket genom sin VPN-server (ditt första hopp). Detta är fallet med [ProtonVPN](https://protonvpn.com/support/tor-vpn/). När du använder denna Tor-över-VPN-inställning har du inte heller kontroll över andra viktiga Tor-funktioner, t.ex. [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (använder en annan Tor-krets för varje domän du besöker).
-
-Funktionen bör ses som ett bekvämt sätt att komma åt Tor-nätverket, inte att vara anonym. För riktig anonymitet ska du använda Tor Browser, TorSocks eller en Tor-gateway.
-
-## När är VPN-tjänster användbara?
-
-En VPN kan fortfarande vara användbar för dig i en rad olika situationer, till exempel:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Om du döljer din trafik från **kan du bara** din Internetleverantör.
1. Dölja dina nedladdningar (t. ex. torrents) för din internetleverantör och organisationer som bekämpar piratkopiering.
-1. Dölja din IP-adress från webbplatser och tjänster från tredje part och förhindra IP-baserad spårning.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-I sådana situationer, eller om du har en annan övertygande anledning, är de VPN-leverantörer som vi listat ovan de som vi anser vara mest pålitliga. Att använda en VPN-leverantör innebär dock fortfarande att du *litar på* leverantören. I nästan alla andra situationer bör du använda ett säkert**-by-design** verktyg som Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Källor och vidare läsning
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. Och det finns inget sätt att verifiera en VPN-leverantörs policy om "ingen loggning" på något sätt.
-1. [VPN - en mycket osäker berättelse](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) av Dennis Schubert
-1. [Översikt över Tor-nätverket](../advanced/tor-overview.md)
-1. [IVPN sekretessguider](https://www.ivpn.net/privacy-guides)
-1. ["Behöver jag en VPN?"](https://www.doineedavpn.com), ett verktyg som utvecklats av IVPN för att utmana aggressiv VPN-marknadsföring genom att hjälpa enskilda personer att avgöra om en VPN är rätt för dem.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Om du gör det kan det utlösa system för att upptäcka skräppost och bedrägerier, till exempel om du skulle logga in på din banks webbplats.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. För att det du gör på de webbplatser du besöker ska vara privat och säkert måste du använda HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Ska jag använda krypterad DNS med en VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Din VPN-leverantör kan fortfarande se vilka webbplatser du besöker baserat på IP-adresser och andra metoder. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. Din webbläsare bör dock redan kontrollera om [TLS-certifikat](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) med **HTTPS** och varna dig för det. Om du inte använder **HTTPS**kan en motståndare fortfarande ändra allt annat än dina DNS-frågor och slutresultatet blir inte mycket annorlunda.
+
+## Ska jag använda Tor *och* en VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. För att kompensera för detta dirigerar VPN-leverantörer vanligtvis alla paket som inte är TCP-paket genom sin VPN-server (ditt första hopp). Detta är fallet med [ProtonVPN](https://protonvpn.com/support/tor-vpn/). När du använder denna Tor-över-VPN-inställning har du inte heller kontroll över andra viktiga Tor-funktioner, t.ex. [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (använder en annan Tor-krets för varje domän du besöker).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Relevant information
@@ -76,3 +112,4 @@ I sådana situationer, eller om du har en annan övertygande anledning, är de V
- [Undersökning av gratis VPN-app](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Dolda VPN-ägare avslöjas: 101 VPN-produkter som drivs av endast 23 företag](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [Det här kinesiska företaget ligger i hemlighet bakom 24 populära appar som kräver farliga behörigheter](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - en mycket osäker berättelse](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) av Dennis Schubert
diff --git a/i18n/sv/desktop.md b/i18n/sv/desktop.md
index 89af8e6f..b84daa29 100644
--- a/i18n/sv/desktop.md
+++ b/i18n/sv/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/sv/device-integrity.md b/i18n/sv/device-integrity.md
new file mode 100644
index 00000000..a35be1a4
--- /dev/null
+++ b/i18n/sv/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! fara
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! varning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! varning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! varning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/sv/os/qubes-overview.md b/i18n/sv/os/qubes-overview.md
index 5c33e4f3..2c63bc16 100644
--- a/i18n/sv/os/qubes-overview.md
+++ b/i18n/sv/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. Det bygger på Xen-biblioteket *vchan*, som underlättar [isolering genom policyer](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Ytterligare resurser
För ytterligare information rekommenderar vi att du konsulterar de omfattande Qubes OS-dokumentationssidorna som finns på webbplatsen [Qubes OS](https://www.qubes-os.org/doc/). Offlinekopior kan laddas ner från dokumentationsarkivet för Qubes OS [](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/sv/tools.md b/i18n/sv/tools.md
index c9bf28b5..ecd0fb41 100644
--- a/i18n/sv/tools.md
+++ b/i18n/sv/tools.md
@@ -157,6 +157,7 @@ Vi [rekommenderar](dns.md#recommended-providers) ett antal krypterade DNS-servra
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Läs mer :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ Vi [rekommenderar](dns.md#recommended-providers) ett antal krypterade DNS-servra
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ Vi [rekommenderar](dns.md#recommended-providers) ett antal krypterade DNS-servra
[Läs mer :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Läs mer :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/sv/tor.md b/i18n/sv/tor.md
index 75ecbfad..b1a3d7b8 100644
--- a/i18n/sv/tor.md
+++ b/i18n/sv/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tips
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/tr/advanced/tor-overview.md b/i18n/tr/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/tr/advanced/tor-overview.md
+++ b/i18n/tr/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/tr/android.md b/i18n/tr/android.md
index 2c761d40..653156ca 100644
--- a/i18n/tr/android.md
+++ b/i18n/tr/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! öneri
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! öneri
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/tr/basics/common-threats.md b/i18n/tr/basics/common-threats.md
index e278c0cb..9776a47b 100644
--- a/i18n/tr/basics/common-threats.md
+++ b/i18n/tr/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/tr/basics/vpn-overview.md b/i18n/tr/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/tr/basics/vpn-overview.md
+++ b/i18n/tr/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/tr/desktop.md b/i18n/tr/desktop.md
index b64a1598..09a14a4d 100644
--- a/i18n/tr/desktop.md
+++ b/i18n/tr/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/tr/device-integrity.md b/i18n/tr/device-integrity.md
new file mode 100644
index 00000000..19a76803
--- /dev/null
+++ b/i18n/tr/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! öneri
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! öneri
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! öneri
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! öneri
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! öneri
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/tr/os/qubes-overview.md b/i18n/tr/os/qubes-overview.md
index a255bd21..0a3a095a 100644
--- a/i18n/tr/os/qubes-overview.md
+++ b/i18n/tr/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/tr/tools.md b/i18n/tr/tools.md
index c9d713bb..e37463d3 100644
--- a/i18n/tr/tools.md
+++ b/i18n/tr/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/tr/tor.md b/i18n/tr/tor.md
index 665a715e..fd05aa56 100644
--- a/i18n/tr/tor.md
+++ b/i18n/tr/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Tarayıcı
@@ -69,6 +77,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! öneri
diff --git a/i18n/uk/advanced/tor-overview.md b/i18n/uk/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/uk/advanced/tor-overview.md
+++ b/i18n/uk/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/uk/android.md b/i18n/uk/android.md
index 67044294..7e378c7a 100644
--- a/i18n/uk/android.md
+++ b/i18n/uk/android.md
@@ -215,39 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Auditor
-
-!!! рекомендації
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! рекомендації
@@ -347,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Manually with RSS Notifications
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/uk/basics/common-threats.md b/i18n/uk/basics/common-threats.md
index 6dc06868..80373eee 100644
--- a/i18n/uk/basics/common-threats.md
+++ b/i18n/uk/basics/common-threats.md
@@ -39,7 +39,7 @@ description: Ваша модель загроз є особистою, але ц
Мобільні операційні системи зазвичай мають кращу ізоляцію додатків, ніж операційні системи для ПК: програми не можуть отримати root-доступ і потребують дозволу для доступу до системних ресурсів.
- Десктопні операційні системи зазвичай відстають у створенні належної ізоляції. ChromeOS має схожі можливості ізоляції з Android, а macOS має повний контроль прав у системі (і розробники можуть ввімкнути ізоляцію додатків). Однак ці операційні системи передають ідентифікаційну інформацію відповідним виробникам обладнання. Linux, як правило, не надає інформацію постачальникам систем, але має слабкий захист від експлойтів та шкідливих програм. Цю проблему можна дещо пом'якшити за допомогою спеціалізованих дистрибутивів, які широко використовують віртуальні машини або контейнери, таких як [Qubes OS](../../desktop/#qubes-os).
+ Десктопні операційні системи зазвичай відстають у створенні належної ізоляції. ChromeOS має схожі можливості ізоляції з Android, а macOS має повний контроль прав у системі (і розробники можуть ввімкнути ізоляцію додатків). Однак ці операційні системи передають ідентифікаційну інформацію відповідним виробникам обладнання. Linux, як правило, не надає інформацію постачальникам систем, але має слабкий захист від експлойтів та шкідливих програм. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Цілеспрямовані атаки
diff --git a/i18n/uk/basics/vpn-overview.md b/i18n/uk/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/uk/basics/vpn-overview.md
+++ b/i18n/uk/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/uk/desktop.md b/i18n/uk/desktop.md
index 95d99862..69ac4eaa 100644
--- a/i18n/uk/desktop.md
+++ b/i18n/uk/desktop.md
@@ -120,11 +120,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/uk/device-integrity.md b/i18n/uk/device-integrity.md
new file mode 100644
index 00000000..7c3b8159
--- /dev/null
+++ b/i18n/uk/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! рекомендації
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! рекомендації
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! рекомендації
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! рекомендації
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! рекомендації
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/uk/os/qubes-overview.md b/i18n/uk/os/qubes-overview.md
index f4d935b2..55ac44f7 100644
--- a/i18n/uk/os/qubes-overview.md
+++ b/i18n/uk/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/uk/tools.md b/i18n/uk/tools.md
index e2de218a..d247aa87 100644
--- a/i18n/uk/tools.md
+++ b/i18n/uk/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/uk/tor.md b/i18n/uk/tor.md
index c4be2e61..79a5339e 100644
--- a/i18n/uk/tor.md
+++ b/i18n/uk/tor.md
@@ -39,7 +39,15 @@ Tor працює, спрямовуючи ваш інтернет-трафік ч
## Підключення до Tor
-Існує безліч способів під'єднатися до мережі Tor з вашого пристрою, найпоширенішим з яких є **Tor Browser**, форк Firefox, призначений для анонімного перегляду веб-сторінок на настільних комп'ютерах і Android. На додаток до перелічених нижче програм, існують також операційні системи, розроблені спеціально для підключення до мережі Tor, такі як [Whonix](desktop.md#whonix) або [Qubes OS](desktop.md#qubes-os), які забезпечують ще більшу безпеку і захист, ніж стандартний Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+Існує безліч способів під'єднатися до мережі Tor з вашого пристрою, найпоширенішим з яких є **Tor Browser**, форк Firefox, призначений для анонімного перегляду веб-сторінок на настільних комп'ютерах і Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -69,6 +77,8 @@ Tor працює, спрямовуючи ваш інтернет-трафік ч
Браузер Tor розроблений таким чином, щоб запобігти зняттю відбитків або ідентифікації вас на основі конфігурації вашого браузера. Тому вкрай важливо, щоб ви **не** модифікували браузер поза межами стандартних [рівнів безпеки](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! рекомендації
diff --git a/i18n/vi/advanced/tor-overview.md b/i18n/vi/advanced/tor-overview.md
index e0c5b08b..3a642929 100644
--- a/i18n/vi/advanced/tor-overview.md
+++ b/i18n/vi/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor is a free to use, decentralized network designed for using the
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## Path Building to Clearnet Services
"Clearnet services" are websites which you can access with any browser, like [privacyguides.org](https://www.privacyguides.org). Tor lets you connect to these websites anonymously by routing your traffic through a network comprised of thousands of volunteer-run servers called nodes (or relays).
@@ -76,13 +156,34 @@ Tor allows us to connect to a server without any single party knowing the entire
Though Tor does provide strong privacy guarantees, one must be aware that Tor is not perfect:
-- Well-funded adversaries with the capability to passively watch most network traffic over the globe have a chance of deanonymizing Tor users by means of advanced traffic analysis. Nor does Tor protect you from exposing yourself by mistake, such as if you share too much information about your real identity.
-- Tor exit nodes can also monitor traffic that passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be recorded and monitored. If such traffic contains personally identifiable information, then it can deanonymize you to that exit node. Thus, we recommend using HTTPS over Tor where possible.
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor exit nodes can also monitor traffic that passes through them. Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
If you wish to use Tor for browsing the web, we only recommend the **official** Tor Browser—it is designed to prevent fingerprinting.
- [Tor Browser :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## Additional Resources
- [Tor Browser User Manual](https://tb-manual.torproject.org)
diff --git a/i18n/vi/android.md b/i18n/vi/android.md
index 7c6ed614..88bded53 100644
--- a/i18n/vi/android.md
+++ b/i18n/vi/android.md
@@ -213,39 +213,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
-### Các thiết bị khác
-
-!!! khuyến nghị
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Orbot
!!! khuyến nghị
@@ -345,7 +312,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### Trình xem PDF an toàn
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/vi/basics/common-threats.md b/i18n/vi/basics/common-threats.md
index e278c0cb..9776a47b 100644
--- a/i18n/vi/basics/common-threats.md
+++ b/i18n/vi/basics/common-threats.md
@@ -39,7 +39,7 @@ To minimize the damage that a malicious piece of software *could* do, you should
Mobile operating systems generally have better application sandboxing than desktop operating systems: Apps can't obtain root access, and require permission for access to system resources.
- Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../desktop/#qubes-os).
+ Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt-in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: Targeted Attacks
diff --git a/i18n/vi/basics/vpn-overview.md b/i18n/vi/basics/vpn-overview.md
index d057a1ae..2f34dd6e 100644
--- a/i18n/vi/basics/vpn-overview.md
+++ b/i18n/vi/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## Should I use a VPN?
-**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
-
-VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
-
-However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
-
-## When shouldn't I use a VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
-
-## What about encryption?
-
-Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
-
-In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
-
-## Should I use encrypted DNS with a VPN?
-
-Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
-
-A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
-
-Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
-
-## Should I use Tor *and* a VPN?
-
-By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
-
-## What if I need anonymity?
-
-VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
-
-## What about VPN providers that provide Tor nodes?
-
-Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
-
-The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
-
-## When are VPNs useful?
-
-A VPN may still be useful to you in a variety of scenarios, such as:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from **only** your Internet Service Provider.
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## Sources and Further Reading
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. And there is no way to verify a VPN provider's "no logging" policies in any way.
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network Overview](../advanced/tor-overview.md)
-1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
-1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## Should I use encrypted DNS with a VPN?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+
+## Should I use Tor *and* a VPN?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## Related VPN Information
@@ -76,3 +112,4 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/vi/desktop.md b/i18n/vi/desktop.md
index ba6578c5..e629a55a 100644
--- a/i18n/vi/desktop.md
+++ b/i18n/vi/desktop.md
@@ -114,11 +114,9 @@ Nix is a source-based package manager; if there’s no pre-built available in th
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
-Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-
-Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers), Qubes-Whonix has various [disadvantages](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) when compared to other hypervisors.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/vi/device-integrity.md b/i18n/vi/device-integrity.md
new file mode 100644
index 00000000..e92de5d9
--- /dev/null
+++ b/i18n/vi/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! khuyến nghị
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! khuyến nghị
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! khuyến nghị
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! khuyến nghị
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! khuyến nghị
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/vi/os/qubes-overview.md b/i18n/vi/os/qubes-overview.md
index f4d935b2..55ac44f7 100644
--- a/i18n/vi/os/qubes-overview.md
+++ b/i18n/vi/os/qubes-overview.md
@@ -49,6 +49,22 @@ To copy and paste files and directories (folders) from one *qube* to another, yo
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
diff --git a/i18n/vi/tools.md b/i18n/vi/tools.md
index 7d37de7a..6dcc57bb 100644
--- a/i18n/vi/tools.md
+++ b/i18n/vi/tools.md
@@ -157,6 +157,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[Learn more :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/vi/tor.md b/i18n/vi/tor.md
index 277201dc..a108c51f 100644
--- a/i18n/vi/tor.md
+++ b/i18n/vi/tor.md
@@ -39,7 +39,15 @@ Tor works by routing your internet traffic through those volunteer-operated serv
## Connecting to Tor
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android. In addition to the apps listed below, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser.
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor Browser
@@ -75,6 +83,8 @@ There are a variety of ways to connect to the Tor network from your device, the
The Tor Browser is designed to prevent fingerprinting, or identifying you based on your browser configuration. Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Google Pixel
!!! khuyến nghị
diff --git a/i18n/zh-Hant/advanced/tor-overview.md b/i18n/zh-Hant/advanced/tor-overview.md
index 57dda5dc..8d6789b7 100644
--- a/i18n/zh-Hant/advanced/tor-overview.md
+++ b/i18n/zh-Hant/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor 是一個免費使用的去中心化網路,其讓用戶在使
Tor 是一個免費使用的去中心化網路,其讓用戶在使用網際網路之際盡可能地保護自己的隱私。 如果使用得當,該網路可以實現私人和匿名瀏覽和通訊。
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## 連接明網服務的路徑建立
「明網服務」是用任何瀏覽器都可訪問的網站,例如 [privacyguides.org](https://www.privacyguides.org)。 Tor 允許您匿名連接到某些網站,由數千個志願者運行的伺服器組成的網絡引導您的流量,這些伺服器稱為節點(或中繼)。
@@ -76,13 +156,34 @@ Tor 允許我們連接到伺服器,而不讓任何一方知道完整路徑。
雖然 Tor 確實提供了強大的隱私保證,但必須意識到它並不完美:
-- 資金充足的對手有能力被動地觀察全球大多數網絡流量,他們有機會通過先進的流量分析來解除 Tor 用戶的匿名化。 Tor 也不能保護你免於不當地暴露自己,例如你分享了太多關於你真實身份的信息。
-- Tor 出口節點還可以監控通過它們的流量。 這意味著可以記錄和監控未加密的流量,例如純 HTTP 流量。 如果此類流量包含個人身份識別信息,則該出口節點可以將會消除匿名性。 因此,我們建議在可能的情況下使用 HTTPS。
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor 出口節點還可以監控通過它們的流量。 Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
如果您希望使用 Tor 瀏覽網頁,我們只建議使用 **官方** Tor 瀏覽器:它旨在防止指紋。
- [Tor 瀏覽器 :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## 其他資源
- [Tor 瀏覽器用戶手冊](https://tb-manual.torproject.org)
diff --git a/i18n/zh-Hant/android.md b/i18n/zh-Hant/android.md
index 26ffa1bb..104904b6 100644
--- a/i18n/zh-Hant/android.md
+++ b/i18n/zh-Hant/android.md
@@ -215,39 +215,6 @@ Pixel 手機很容易安裝 GrapheneOS 只需依其 [網頁安裝程式](https:/
當使用 Shelter 時,將信任置於其開發者,Shelter 作為[設備管理員](https://developer.android.com/guide/topics/admin/device-admin)來創建工作設定檔,它有大量權限訪問存儲在工作設定檔的資料。
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** 是一款利用硬體安全功能通過主動驗證設備身份及其作業系統的完整性來進行完整性監控的應用程式。 目前僅在 GrapheneOS 或 [支援設備](https://attestation.app/about#device-support)的庫存作業系統運行。
-
- [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
- [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
- ??? downloads "下載"
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor 通過下列方式鑑證和入侵檢測。
-
-- *審計者 * 和 *被審計對象*之間使用 [首次使用信任(TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) 模式, Auditor *的硬體支援密鑰庫 中對配建立私鑰。
-- *審計者* 可以是 Auditor 應用程式的另一個實例,或是 [遠程認證服務](https://attestation.app)。
-- *審計者* 記錄 *審計對象*當前的狀態和配置。
-- 如果在配對完成後發生篡改 *審計對象的作業系統* ,審計人員將意識到設備狀態和配置的變化。
-- 您會被提醒注意此一變化。
-
-沒有個人識別資料被提交給證明服務。 建議使用匿名帳戶註冊,並啟用遠程認證,以進行持續監控。
-
-如果您的 [威脅模型](basics/threat-modeling.md) 需要隱私,可以考慮使用 [Orbot](tor.md#orbot) 或VPN,從證明服務中隱藏 IP地址。 為了確保硬體和作業系統真實, [,在設備安裝後連上網際網路之前,立即進行本地認證](https://grapheneos.org/install/web#verifying-installation)。
-
### 安全相機
!!! recommendation
@@ -329,7 +296,7 @@ GrapheneOS 應用商店可在 [GitHub](https://github.com/GrapheneOS/Apps/releas
Google Play商店需要登錄 Google 帳戶,這對隱私來說不是很好。 可以使用替代客戶端,如 Aurora Store 來解決這個問題。
-!!! 推薦
+!!! recommendation
{ align=right }
@@ -347,7 +314,7 @@ Aurora Store不允許其匿名帳戶下載付費應用程式。 您可以選擇
### 手動使用 RSS 通知
-在GitHub和GitLab 等平台上發布的應用程式,也可在 [新聞聚合器](/news-aggregators) ,添加一個 RSS源,有助於追踪新版本消息。
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/zh-Hant/basics/common-threats.md b/i18n/zh-Hant/basics/common-threats.md
index 348ec049..a22768d5 100644
--- a/i18n/zh-Hant/basics/common-threats.md
+++ b/i18n/zh-Hant/basics/common-threats.md
@@ -39,7 +39,7 @@ description: 您的威脅模型雖說是個人的事,但它也是本站許多
行動作業系統通常具有比桌面作業系統具備更好的應用程式沙盒:應用程式沒有根存取權限,且需要存取系統資源的權限。
- 桌面操作系統通常在適當的沙盒化上落後。 ChromeOS 具備與 Android 相似的沙盒功能, macOS 具有完整的系統權限控制(開發人員可以選擇為應用程式加入沙盒)。 然而,這些作業系統確實會將識別資料傳回給各自的原始設備製造商。 Linux 傾向於不對系統供應商提交資料,但它在漏洞和惡意應用程式的保護很差。 這可以通過專門的發行版來緩解,這些發行版大量使用虛擬器或容器,例如 [Qubes OS](../../desktop/#qubes-os)。
+ 桌面操作系統通常在適當的沙盒化上落後。 ChromeOS 具備與 Android 相似的沙盒功能, macOS 具有完整的系統權限控制(開發人員可以選擇為應用程式加入沙盒)。 然而,這些作業系統確實會將識別資料傳回給各自的原始設備製造商。 Linux 傾向於不對系統供應商提交資料,但它在漏洞和惡意應用程式的保護很差。 This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: 目標攻擊
diff --git a/i18n/zh-Hant/basics/vpn-overview.md b/i18n/zh-Hant/basics/vpn-overview.md
index 9cfe1fba..ed7a445f 100644
--- a/i18n/zh-Hant/basics/vpn-overview.md
+++ b/i18n/zh-Hant/basics/vpn-overview.md
@@ -5,73 +5,106 @@ icon: material/vpn
description: 虛擬私用網路將風險從您的ISP 轉移到您信任的第三方。 你應該記住這些事情。
---
-虛擬專用網路是將您的網路末端延伸到世界其它地方的一種方式。 ISP 可以看到網路終端設備(例如數據機)的網際網路進出流量。
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-HTTPS 等加密協議通常應用在網際網路,因此雖無法確切地知道您發布或閱讀的內容,但還是可以了解您所請求訪問的 [網域名](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns)。
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-VPN 可以提供幫助,將信任轉移到世界其他地方的伺服器。 因此, ISP只會看到您已連接到VPN ,而不會看到您正在傳遞的活動。
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note "備註"
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## 我應該使用 VPN 嗎?
-**是**,除非你已經在使用Tor。 VPN可以做兩件事:將風險從網際網路服務提供商轉移到 VPN,並將向第三方服務隱藏您的 IP 地址。
-
-VPN 無法加密裝置與 VPN 伺服器之間連線以外的資料。 VPN 提供商可以像 ISP 一樣查看和修改您的流量。 而且沒有方式可以驗證 VPN 提供商的“無記錄”政策是否貫徹。
-
-VPN 確實可向第三方服務隱藏您的實際 IP ,但前提是IP 沒被洩漏。 它們有助您混在他人之中,以減輕基於 IP 的追蹤。
-
-## 什麼時候不該使用 VPN ?
-
-若使用 [已被辨識出身份](common-misconceptions.md#complicated-is-better)的情況,VPN 通常就失去效用。
-
-這樣做可能會觸發垃圾郵件和欺詐偵測系統,例如您正試圖登入銀行網站。
-
-## 那加密呢?
-
-VPN供應商提供的加密僅發生在您的裝置與伺服器之間。 它保證此特定連結是安全的。 這比用未加密代理的更進一步,因為對手可以攔截您的設備和前述未加密代理之間的通訊並加以修改。 然而軟體或瀏覽器與服務供應商之間的加密並不是依此加密處理。
-
-為了保持所瀏覽網站活動的私密和安全,您必須使用 HTTPS。 這將確保您的密碼、會話令牌和查詢對VPN提供商是安全的。 請考慮在瀏覽器中啟用「HTTPS everywhere」,以減輕 [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf)等攻擊。
-
-## 我應該將加密 DNS 與 VPN 一起使用嗎?
-
-除非您的 VPN 服務商自行託管加密的 DNS 伺服器, **不要**. 使用 DOH/DOT (或其它任何 DNS 加密) 與第三方伺服器只有需信任更多實體,在安全隱私則**一點幫助也沒有** 。 您的 VPN 提供商仍可以根據 IP 地址和其他方法查看您訪問的網站。 您現在除了信任 VPN 供應商外,還得同時信任 VPN 供應商和DNS 供應商。
-
-推薦加密 DNS 的常見理由是有助於防止 DNS 欺騙。 您的瀏覽器應該已經檢查了 [TLS 憑證](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) 和 **HTTPS** ,並警告您。 如果沒用 **HTTPS**,則對手可以修改您的 DNS 查詢之外的任何東西,最終結果將沒太大差異。
-
-**您不應把加密 DNS 與Tor**一起使用。 這將把您所有 DNS 請求引至某單一迴路,這會讓加密 DNS 提供商可對您消除匿名性。
-
-## 我應該*同時* 使用 Tor 與 VPN 嗎?
-
-撔 Tor 與 VPN 一起使用 ,您基本上創建了一個永久的入口節點,這類節點通常帶有與金錢相關追蹤痕跡。 這樣根本沒增加額外好處,反而明顯地擴大了連接時的攻擊面。 如果您希望向 ISP 或政府隱藏您的Tor 使用, Tor 內建一個解決方案:Tor 橋接。 [閱讀更多關於Tor橋接以及為什麼沒必要使用 VPN](../advanced/tor-overview.md)。
-
-## 如果我需要匿名怎麼辦?
-
-VPN無法提供匿名性。 您的VPN提供商可知道您真實 IP 地址,並且通常有一個可以直接與您連結的金錢線索。 您不能依靠 VPN「無記錄」政策來保護您的資料。 請用 [Tor](https://www.torproject.org/) 代替。
-
-## 提供Tor 節點的 VPN 提供商好不好呢?
-
-不要使用此功能。 使用 Tor 的重點是不信任您的 VPN 提供商。 目前 Tor 只支援 [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) 通訊協議。 [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (利用[WebRTC](https://en.wikipedia.org/wiki/WebRTC) 進行語音和視頻共享、新的 [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) 協議等) , [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) 和其他封包將被遺落。 為了彌補這一點, VPN 提供商通常會引導全部的non-TCP 封包通過他們的 VPN 伺服器(您的第一個跳)。 [ProtonVPN ](https://protonvpn.com/support/tor-vpn/)的情況就是如此。 此外,使用此 Tor over VPN 設定時,您無法控制 Tor 其他重要的功能,例如 [隔離目標位址](https://www.whonix.org/wiki/Stream_Isolation) (為您訪問不同網域使用不同的Tor 迴路)。
-
-該功能應被視為方便訪問 Tor 網絡的方式,而不是為了保持匿名。 為保持適當的匿名性,請使用 Tor 瀏覽器、TorSocks 或 Tor 閘道。
-
-## VPN 何時有用?
-
-VPN在各種情況下仍可能對您有用,例如:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. **僅需**對網路連線服務商隱藏您的流量 。
1. 對 ISP 和反盜版組織隱藏您的下載(如 torrents)。
-1. 從第三方網站和服務中隱藏您的IP ,防止基於IP的追蹤。
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-類似這些情況或者如果您有其他令人信服的理由,可考慮使用我們所列出認為最值得信賴的 VPN 提供商。 使用 VPN 意謂著您 *方便* 這些服務供應者。 任何情況下,最好使用以安全為**設計理念** 的工具,例如 Tor。
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## 資料來源和進一步閱讀
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. 而且沒有方式可以驗證 VPN 提供商的“無記錄”政策是否貫徹。
-1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
-1. [Tor Network概述](../advanced/tor-overview.md)
-1. [IVPN隱私指南](https://www.ivpn.net/privacy-guides)
-1. [「我需要 VPN 嗎?」"Do I need a VPN?" ](https://www.doineedavpn.com),
-IVPN 開發的工具,幫助個人決定 VPN 是否適合他們,以因應各式 VPN 營銷。
-
-
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. 這樣做可能會觸發垃圾郵件和欺詐偵測系統,例如您正試圖登入銀行網站。
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. 為了保持所瀏覽網站活動的私密和安全,您必須使用 HTTPS。 This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## 我應該將加密 DNS 與 VPN 一起使用嗎?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. 您的 VPN 提供商仍可以根據 IP 地址和其他方法查看您訪問的網站。 All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. 您的瀏覽器應該已經檢查了 [TLS 憑證](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) 和 **HTTPS** ,並警告您。 如果沒用 **HTTPS**,則對手可以修改您的 DNS 查詢之外的任何東西,最終結果將沒太大差異。
+
+## 我應該*同時* 使用 Tor 與 VPN 嗎?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. 為了彌補這一點, VPN 提供商通常會引導全部的non-TCP 封包通過他們的 VPN 伺服器(您的第一個跳)。 [ProtonVPN ](https://protonvpn.com/support/tor-vpn/)的情況就是如此。 此外,使用此 Tor over VPN 設定時,您無法控制 Tor 其他重要的功能,例如 [隔離目標位址](https://www.whonix.org/wiki/Stream_Isolation) (為您訪問不同網域使用不同的Tor 迴路)。
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## VPN 相關資訊
@@ -79,3 +112,4 @@ IVPN 開發的工具,幫助個人決定 VPN 是否適合他們,以因應各
- [免費 VPN 應用程式調查](https://www.top10vpn.com/free-vpn-app-investigation/)
- [揭露隱身的 VPN 擁有者:由 23 家公司運營101款 VPN 產品](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [這家中國公司祕密支持24個尋求危險權限的流行應用程序](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
diff --git a/i18n/zh-Hant/desktop.md b/i18n/zh-Hant/desktop.md
index 78da1c0f..693b679c 100644
--- a/i18n/zh-Hant/desktop.md
+++ b/i18n/zh-Hant/desktop.md
@@ -120,15 +120,9 @@ Nix是一個基於源的套件管理器;如果二進位快取中沒有預先
Whonix 運行兩個虛擬機器:一個“工作站”和一個 Tor “閘道”。 來自工作站的所有通訊都必須通過 Tor 閘道。 這意味著,即使工作站受到某種惡意軟體的破壞,真實的IP地址仍然隱藏。
-它的一些功能包括 Tor Stream Isolation , [按鍵匿名](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [加密交換](https://github.com/Whonix/swap-file-creator)以及加固的記憶體分配器。
-
-Whonix 未來版本可能包括 [完整系統 AppArmor](https://github.com/Whonix/apparmor-profile-everything) 和 [個沙盒應用程式啟動器](https://www.whonix.org/wiki/Sandbox-app-launcher) ,以完全限制系統上的所有進程。
-
-Whonix 最好與 Qubes一起使用
-
-,與其他 hypervisor相比, Qubes-Whonix 有不同 [缺點](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581) 。
-
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
@@ -141,7 +135,6 @@ Whonix 最好與 Qubes一起使用
[:octicons-home-16: Homepage](https://tails.boum.org/){ .md-button .md-button--primary }
[:octicons-info-16:](https://tails.boum.org/doc/index.en.html){ .card-link title=Documentation}
[:octicons-heart-16:](https://tails.boum.org/donate/){ .card-link title=Contribute }
-
由於失憶功能(意指沒有寫入磁碟),Tails 非常適合對抗資料探集;然而,它不像 Whonix 那樣是硬化發行版。 它缺乏 Whonix 的許多匿名和安全功能,並且更新頻率較低(每六周一次)。 被惡意軟體入侵的 Tails 系統可能會繞過透明代理,使用戶去匿名化。
@@ -149,12 +142,8 @@ Tails Tor 瀏覽器預設包含 [uBlock Origin](desktop-browsers.md#ublock-origi
設計上, Tails 每次重新啟動後意謂將完全重置。 加密 [永久存儲](https://tails.boum.org/doc/persistent_storage/index.en.html) 可以配置來存儲一些資料。
-
-
## 以安全爲重點的發行版
-
-
### Qubes OS
!!! recommendation
@@ -169,14 +158,11 @@ Tails Tor 瀏覽器預設包含 [uBlock Origin](desktop-browsers.md#ublock-origi
[:octicons-info-16:](https://www.qubes-os.org/doc/){ .card-link title=Documentation }
[:octicons-code-16:](https://github.com/QubesOS/){ .card-link title="Source Code" }
[:octicons-heart-16:](https://www.qubes-os.org/donate/){ .card-link title=Contribute }
-
Qubes OS 作業系統將子系統(例如網絡、USB等)和應用程式隔離在個別的 *qubes*以保護電腦。 如果系統的一部分被破壞,其餘的 *qubes*與核心系統仍受到保護。
有關 Oubes 運作的進一步資訊,請參考我們完整的 [Qubes OS 介紹](os/qubes-overview.md) 頁面。
-
-
### Kicksecure
雖然我們在大多數情況下[建議不要](os/linux-overview.md#release-cycle)使用“永遠過時”的發行版,例如用於桌面的 Debian,但 Kicksecure 是一個基於 Debian 的操作系統,其功能已強化,遠遠超出了典型的 Linux 安裝。
@@ -192,9 +178,6 @@ Qubes OS 作業系統將子系統(例如網絡、USB等)和應用程式隔
[:octicons-info-16:](https://www.kicksecure.com/wiki/Documentation){ .card-link title=Documentation }
[:octicons-code-16:](https://github.com/Kicksecure){ .card-link title="Source Code" }
[:octicons-heart-16:](https://www.kicksecure.com/wiki/Donate){ .card-link title=Contribute }
-
-
-
## 標準
@@ -202,13 +185,13 @@ Qubes OS 作業系統將子系統(例如網絡、USB等)和應用程式隔
- 免費且開放原始碼。
- 必須定期接收軟體和內核更新。
-- [Avoids X11](os/linux-overview.md#wayland).
- - 這裡值得注意的例外是 Qubes,但虛擬化可以避免 X11 常發生的隔離問題。 其隔離僅適用於*在不同 qube*(虛擬機)中運行的應用程式,在*同一個* qube 運行的應用程式則無法保護。
+- [Avoids X11](os/linux-overview.md#wayland).
+ - 這裡值得注意的例外是 Qubes,但虛擬化可以避免 X11 常發生的隔離問題。 其隔離僅適用於*在不同 qube*(虛擬機)中運行的應用程式,在*同一個* qube 運行的應用程式則無法保護。
- 安裝時必須支援全磁碟加密。
-- 不可將定期更新發佈凍結超過1年。
- - 我們 [不建議](os/linux-overview.md#release-cycle) 桌機使用“長期支援”或“穩定”發行版。
+- 不可將定期更新發佈凍結超過1年。
+ - 我們 [不建議](os/linux-overview.md#release-cycle) 桌機使用“長期支援”或“穩定”發行版。
- 需要支持各種各樣的硬體。
-- 偏好較大型的專案。
- - 維護作業系統是一項大挑戰,小型專案往往會犯更多可避免的錯誤,或延遲重大更新(或更糟糕的是,很快就完全消失)。 我們傾向於至少可維持10 年的專案(無論是由於公司支持還是非常重要的社區支持),而不是手工構建或只有少數維護人員的專案。
+- 偏好較大型的專案。
+ - 維護作業系統是一項大挑戰,小型專案往往會犯更多可避免的錯誤,或延遲重大更新(或更糟糕的是,很快就完全消失)。 我們傾向於至少可維持10 年的專案(無論是由於公司支持還是非常重要的社區支持),而不是手工構建或只有少數維護人員的專案。
此外,[我們推薦專案的一般準則](about/criteria.md) 仍然適用。 **請注意我們和所推薦的服務商沒有任何利害關係。**
diff --git a/i18n/zh-Hant/device-integrity.md b/i18n/zh-Hant/device-integrity.md
new file mode 100644
index 00000000..6802f059
--- /dev/null
+++ b/i18n/zh-Hant/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! danger "危險"
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! warning "警告"
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! warning "警告"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! warning "警告"
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/zh-Hant/os/qubes-overview.md b/i18n/zh-Hant/os/qubes-overview.md
index eba7482f..70518941 100644
--- a/i18n/zh-Hant/os/qubes-overview.md
+++ b/i18n/zh-Hant/os/qubes-overview.md
@@ -52,6 +52,25 @@ Qubes OS在主機作業系統上 利用 [dom0](https://wiki.xenproject.org/wiki/
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
+
+
+
## 其他資源
如需更多資訊,建議瀏覽[Qubes OS 網站](https://www.qubes-os.org/doc/)上 Qubes OS 文件頁面。 可以從Qubes OS [文件庫](https://github.com/QubesOS/qubes-doc)下載離線副本。
diff --git a/i18n/zh-Hant/tools.md b/i18n/zh-Hant/tools.md
index f805e3fe..666cbe97 100644
--- a/i18n/zh-Hant/tools.md
+++ b/i18n/zh-Hant/tools.md
@@ -157,6 +157,7 @@ description: Privacy Guides 是最透明和可靠的網站,用於尋找保護
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
@@ -432,7 +433,6 @@ description: Privacy Guides 是最透明和可靠的網站,用於尋找保護
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -468,3 +468,21 @@ description: Privacy Guides 是最透明和可靠的網站,用於尋找保護
[了解更多 :material-arrow-right-drop-circle:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[了解更多 :material-arrow-right-drop-circle:](device-integrity.md)
diff --git a/i18n/zh-Hant/tor.md b/i18n/zh-Hant/tor.md
index 8aff66f2..b8121bf3 100644
--- a/i18n/zh-Hant/tor.md
+++ b/i18n/zh-Hant/tor.md
@@ -39,7 +39,15 @@ Tor 的工作原理是通過志願者運營的服務器來引導您的網際網
## 正在連接到Tor
-有多種方式可以從您的設備連上 Tor 網絡,最常用的是 ** Tor 瀏覽器**,這是 Firefox 的一個分支,專為桌面電腦和 Android 的匿名瀏覽而設計。 除了下面列出的應用程序外,還有專門設計用於連接到 Tor 網絡的操作系統,例如 [Qubes OS 作業系統](desktop.md#qubes-os) [Whonix](desktop.md#whonix),它們提供比標準 Tor 瀏覽器更高的安全性和保護。
+!!! tip "訣竅"
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+有多種方式可以從您的設備連上 Tor 網絡,最常用的是 ** Tor 瀏覽器**,這是 Firefox 的一個分支,專為桌面電腦和 Android 的匿名瀏覽而設計。
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor 瀏覽器
@@ -69,6 +77,8 @@ Tor 的工作原理是通過志願者運營的服務器來引導您的網際網
Tor 瀏覽器旨在防止指紋識別----根據您的瀏覽器配置識別您。 因此,您 **不應** 修改瀏覽器超出預設 [安全級別](https://tb-manual.torproject.org/security-settings/)。
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/i18n/zh/advanced/tor-overview.md b/i18n/zh/advanced/tor-overview.md
index 6c4437dc..409c5f1f 100644
--- a/i18n/zh/advanced/tor-overview.md
+++ b/i18n/zh/advanced/tor-overview.md
@@ -6,6 +6,86 @@ description: Tor是一个免费使用的去中心化网络,专为尽量隐私
Tor是一个免费使用的去中心化网络,专为尽量隐私地使用互联网而设计。 如果使用得当,该网络可以实现隐私且匿名地浏览和通信。
+## Safely Connecting to Tor
+
+Before connecting to [Tor](../tor.md), you should carefully consider what you're looking to accomplish by using Tor in the first place, and who you're trying to hide your network activity from.
+
+If you live in a free country, are accessing mundane content via Tor, aren't worried about your ISP or local network administrators having the knowledge that you're using Tor, and want to help [de-stigmatize](https://2019.www.torproject.org/about/torusers.html.en) Tor usage, you can likely connect to Tor directly via standard means like [Tor Browser](../tor.md) without worry.
+
+If you have the ability to access a trusted VPN provider and **any** of the following are true, you almost certainly should connect to Tor through a VPN:
+
+- You already use a [trusted VPN provider](../vpn.md)
+- Your threat model includes an adversary which is capable of extracting information from your ISP
+- Your threat model includes your ISP itself as an adversary
+- Your threat model includes local network administrators before your ISP as an adversary
+
+Because we already [generally recommend](../basics/vpn-overview.md) that the vast majority of people use a trusted VPN provider for a variety of reasons, the following recommendation about connecting to Tor via a VPN likely applies to you. There is no need to disable your VPN before connecting to Tor, as some online resources would lead you to believe.
+
+Connecting directly to Tor will make your connection stand out to any local network administrators or your ISP. Detecting and correlating this traffic [has been done](https://edition.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/) in the past by network administrators to identify and deanonymize specific Tor users on their network. On the other hand, connecting to a VPN is almost always less suspicious, because commercial VPN providers are used by everyday consumers for a variety of mundane tasks like bypassing geo-restrictions, even in countries with heavy internet restrictions.
+
+Therefore, you should make an effort to hide your IP address **before** connecting to the Tor network. You can do this by simply connecting to a VPN (through a client installed on your computer) and then accessing [Tor](../tor.md) as normal, through Tor Browser for example. This creates a connection chain like:
+
+- [x] You → VPN → Tor → Internet
+
+From your ISP's perspective, it looks like you're accessing a VPN normally (with the associated cover that provides you). From your VPN's perspective, they can see that you are connecting to the Tor network, but nothing about what websites you're accessing. From Tor's perspective, you're connecting normally, but in the unlikely event of some sort of Tor network compromise, only your VPN's IP would be exposed, and your VPN would *additionally* have to be compromised to deanonymize you.
+
+This is **not** censorship circumvention advice, because if Tor is blocked entirely by your ISP, your VPN likely is as well. Rather, this recommendation aims to make your traffic blend in better with commonplace VPN user traffic, and provide you with some level of plausible deniability by obscuring the fact that you're connecting to Tor from your ISP.
+
+---
+
+We **very strongly discourage** combining Tor with a VPN in any other manner. Do not configure your connection in a way which resembles any of the following:
+
+- You → Tor → VPN → Internet
+- You → VPN → Tor → VPN → Internet
+- Any other configuration
+
+Some VPN providers and other publications will occasionally recommend these **bad** configurations to evade Tor bans (exit nodes being blocked by websites) in some places. [Normally](https://support.torproject.org/#about_change-paths), Tor frequently changes your circuit path through the network. When you choose a permanent *destination* VPN (connecting to a VPN server *after* Tor), you're eliminating this advantage and drastically harming your anonymity.
+
+Setting up bad configurations like these is difficult to do accidentally, because it usually involves either setting up custom proxy settings inside Tor Browser, or setting up custom proxy settings inside your VPN client which routes your VPN traffic through the Tor Browser. As long as you avoid these non-default configurations, you're probably fine.
+
+---
+
+!!! info "VPN/SSH Fingerprinting"
+
+ The Tor Project [notes](https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting) that *theoretically* using a VPN to hide Tor activities from your ISP may not be foolproof. VPNs have been found to be vulnerable to website traffic fingerprinting, where an adversary can still guess what website is being visited, because all websites have specific traffic patterns.
+
+ Therefore, it's not unreasonable to believe that encrypted Tor traffic hidden by a VPN could also be detected via similar methods. There are no research papers on this subject, and we still consider the benefits of using a VPN to far outweigh these risks, but it is something to keep in mind.
+
+ If you still believe that pluggable transports (bridges) provide additional protection against website traffic fingerprinting that a VPN does not, you always have the option to use a bridge **and** a VPN in conjunction.
+
+Determining whether you should first use a VPN to connect to the Tor network will require some common sense and knowledge of your own government's and ISP's policies relating to what you're connecting to. However, again in most cases you will be better off being seen as connecting to a commercial VPN network than directly to the Tor network. If VPN providers are censored in your area, then you can also consider using Tor pluggable transports (e.g. Snowflake or meek bridges) as an alternative, but using these bridges may arouse more suspicion than standard WireGuard/OpenVPN tunnels.
+
+## What Tor is Not
+
+The Tor network is not the perfect privacy protection tool in all cases, and has a number of drawbacks which should be carefully considered. These things should not discourage you from using Tor if it is appropriate for your needs, but they are still things to think about when deciding which solution is most appropriate for you.
+
+### Tor is not a free VPN
+
+The release of the *Orbot* mobile app has lead many people to describe Tor as a "free VPN" for all of your device traffic. However, treating Tor like this poses some dangers compared to a typical VPN.
+
+Unlike Tor exit nodes, VPN providers are usually not *actively* [malicious](#caveats). Because Tor exit nodes can be created by anybody, they are hotspots for network logging and modification. In 2020, many Tor exit nodes were documented to be downgrading HTTPS traffic to HTTP in order to [hijack cryptocurrency transactions](https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year). Other exit node attacks such as replacing downloads via unencrypted channels with malware have also been observed. HTTPS does mitigate these threats to an extent.
+
+As we've alluded to already, Tor is also easily identifiable on the network. Unlike an actual VPN provider, using Tor will make you stick out as a person likely attempting to evade authorities. In a perfect world, Tor would be seen by network administrators and authorities as a tool with many uses (like how VPNs are viewed), but in reality the perception of Tor is still far less legitimate than the perception of commercial VPNs, so using a real VPN provides you with plausible deniability, e.g. "I was just using it to watch Netflix," etc.
+
+### Tor usage is not undetectable
+
+**Even if you use bridges and pluggable transports,** the Tor Project provides no tools to hide the fact that you are using Tor from your ISP. Even using obfuscated "pluggable transports" or non-public bridges do not hide the fact that you are using a private communications channel. The most popular pluggable transports like obfs4 (which obfuscates your traffic to "look like nothing") and meek (which uses domain fronting to camouflage your traffic) can be [detected](https://www.hackerfactor.com/blog/index.php?/archives/889-Tor-0day-Burning-Bridges.html) with fairly standard traffic analysis techniques. Snowflake has similar issues, and can be [easily detected](https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html) *before* a Tor connection is even established.
+
+Pluggable transports other than these three do exist, but typically rely on security through obscurity to evade detection. They aren't impossible to detect, they are just used by so few people that it's not worth the effort building detectors for them. They shouldn't be relied upon if you specifically are being monitored.
+
+It is critical to understand the difference between bypassing censorship and evading detection. It is easier to accomplish the former because of the many real-world limitations on what network censors can realistically do en masse, but these techniques do not hide the fact that you—*specifically* you—are using Tor from an interested party monitoring your network.
+
+### Tor Browser is not the most *secure* browser
+
+Anonymity can often be at odds with security: Tor's anonymity requires every user to be identical, which creates a monoculture (the same bugs are present across all Tor Browser users). As a cybersecurity rule of thumb, monocultures are generally regarded as bad: Security through diversity (which Tor lacks) provides natural segmentation by limiting vulnerabilities to smaller groups, and is therefore usually desirable, but this diversity is also less good for anonymity.
+
+Additionally, Tor Browser is based on Firefox's Extended Support Release builds, which only receives patches for vulnerabilities considered *Critical* and *High* (not *Medium* and *Low*). This means that attackers could (for example):
+
+1. Look for new Critical/High vulnerabilities in Firefox nightly or beta builds, then check if they are exploitable in Tor Browser (this vulnerability period can last weeks).
+2. Chain *multiple* Medium/Low vulnerabilities together until they get the level of access they're looking for (this vulnerability period can last months or longer).
+
+Those at risk of browser vulnerabilities should consider additional protections to defend against Tor Browser exploits, such as using Whonix in [Qubes](../os/qubes-overview.md) to contain your Tor browsing in a secure VM and protect against leaks.
+
## 建立通往公开网络服务的链路
公开网络服务是您可以使用任何浏览器访问的网站,例如 [privacyguides.org](https://www.privacyguides.org)。 Tor的工作原理是通过一个由数千个志愿者运行的服务器(称为节点或中继)组成的网络路由您的流量。
@@ -76,13 +156,34 @@ Tor用出口、中间和入口节点的密钥对每个数据包(一个传输
尽管Tor确实提供了强有力的隐私保障,但您必须意识到Tor并不完美:
-- 资金充足、能够被动地观察全球大多数网络通信量的对手有机会通过先进的通信量分析将Tor用户去匿名化。 Tor也不能防止您错误地暴露自己,例如分享了太多关于您真实身份的信息。
-- Tor出口节点也可以监控通过它们的流量。 这意味着没有加密的流量,如普通的HTTP流量,可以被记录和监控。 如果这种流量包含个人可识别信息,那么那个出口节点可以把你去匿名化。 因此,我们建议尽可能使用HTTPS over Tor。
+- Tor never protects you from exposing yourself by mistake, such as if you share too much information about your real identity.
+- Tor exit nodes can **modify** unencrypted traffic which passes through them. This means traffic which is not encrypted, such as plain HTTP traffic, can be changed by a malicious exit node. **Never** download files from an unencrypted `http://` website over Tor, and ensure your browser is set to always upgrade HTTP traffic to HTTPS.
+- Tor出口节点也可以监控通过它们的流量。 Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node. Again, we recommend only using HTTPS over Tor.
+- Powerful adversaries with the capability to passively watch *all* network traffic around the globe ("Global Passive Adversaries") are **not** something that Tor protects you against (and using Tor [with a VPN](#safely-connecting-to-tor) doesn't change this fact).
+- Well-funded adversaries with the capability to passively watch *most* network traffic around the globe still have a *chance* of deanonymizing Tor users by means of advanced traffic analysis.
如果您希望使用Tor浏览网页,我们只建议使用 **官方** Tor浏览器,该浏览器旨在防止指纹。
- [Tor浏览器 :material-arrow-right-drop-circle:](../tor.md#tor-browser)
+### Protections provided by bridges
+
+Tor bridges are commonly touted as an alternative method to hiding Tor usage from an ISP, instead of a VPN (as we suggest using if possible). Something to consider is that while bridges may provide adequate censorship circumvention, this is only a *transient* benefit. They do not adequately protect you from your ISP discovering you connected to Tor in the *past* with historical traffic log analysis.
+
+To illustrate this point, consider the following scenario: You connect to Tor via a bridge, and your ISP doesn’t detect it because they are not doing sophisticated analysis of your traffic, so things are working as intended. Now, 4 months go by, and the IP of your bridge has been made public. This is a very common occurrence with bridges, they are discovered and blocked relatively frequently, just not immediately.
+
+Your ISP wants to identify Tor users 4 months ago, and with their limited metadata logging they can see that you connected to an IP address which was later revealed to be a Tor bridge. You have virtually no other excuse to be making such a connection, so the ISP can say with very high confidence that you were a Tor user at that time.
+
+Contrast this with our recommended scenario, where you connect to Tor via a VPN. Say that 4 months later your ISP again wants to identify anybody who used Tor 4 months ago. Their logs almost certainly can identify your traffic 4 months ago, but all they would likely be able to see is that you connected to a VPN’s IP address. This is because most ISPs only retain metadata over long periods of time, not the full contents of the traffic you request. Storing the entirety of your traffic data would require a massive quantity of storage which nearly all threat actors wouldn't possess.
+
+Because your ISP almost certainly is not capturing all packet-level data and storing it forever, they have no way of determining what you connected to with that VPN *after* the fact with an advanced technique like deep packet inspection, and therefore you have plausible deniability.
+
+Therefore, bridges provide the most benefit when circumventing internet censorship *in the moment*, but they are not an adequate substitute for **all** the benefits that using a VPN alongside Tor can provide. Again, this is not advice *against* using Tor bridges, you should just be aware of these limitations while making your decision. In some cases bridges may be the *only* option (if all VPN providers are blocked, for instance), so you can still use them in those circumstances with this limitation in mind.
+
+If you think that a bridge can aid in defending against fingerprinting or other advanced network analysis more than a VPN's encrypted tunnel already can, you always have the option to use a bridge in conjunction with a VPN as well. That way you are still protected by the pluggable transport's obfuscation techniques even if an adversary gains some level of visibility into your VPN tunnel. If you decide to go this route, we recommend connecting to an obfs4 bridge behind your VPN for optimal fingerprinting protection, rather than meek or Snowflake.
+
+It is [possible](https://discuss.privacyguides.net/t/clarify-tors-weaknesses-with-respect-to-observability/3676/16) that the [WebTunnel](https://forum.torproject.org/t/tor-relays-announcement-webtunnel-a-new-pluggable-transport-for-bridges-now-available-for-deployment/8180) pluggable transport currently being trialed may mitigate some of these concerns. We will continue to keep an eye on that technology as it develops.
+
## 其它资源
- [Tor浏览器用户手册](https://tb-manual.torproject.org)
diff --git a/i18n/zh/android.md b/i18n/zh/android.md
index ddda70e1..362b9119 100644
--- a/i18n/zh/android.md
+++ b/i18n/zh/android.md
@@ -215,37 +215,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
当使用Shelter时,你完全信任它的开发者,因为Shelter作为一个[设备管理员](https://developer.android.com/guide/topics/admin/device-admin)来创建工作档案,它可以广泛地访问存储在工作档案中的数据。
-### Auditor
-
-!!! recommendation
-
- { align=right }
- { align=right }
-
- **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
- [:octicons-home-16: 主页](https://grapheneos.org/){ .md-button .md-button--primary }
- [:octicons-eye-16:](https://attestation.app/about#privacy-policy){ .card-link title="隐私政策" }
- [:octicons-info-16:](https://grapheneos.org/faq){ .card-link title=文档}
- [:octicons-code-16:](https://attestation.app/source){ .card-link title="源代码" }
- [:octicons-heart-16:](https://attestation.app/donate){ .card-link title="贡献" } downloads "下载"
-
- - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
### Secure Camera
!!! recommendation
@@ -345,7 +314,7 @@ Aurora Store does not allow you to download paid apps with their anonymous accou
### 手动使用RSS通知
-For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](/news-aggregators) that will help you keep track of new releases.
+For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](news-aggregators.md) that will help you keep track of new releases.
   
diff --git a/i18n/zh/basics/common-threats.md b/i18n/zh/basics/common-threats.md
index 77c5e9da..f2d350db 100644
--- a/i18n/zh/basics/common-threats.md
+++ b/i18n/zh/basics/common-threats.md
@@ -39,7 +39,7 @@ description: 您的威胁模式是您自己量身定制的,但这些是本网
在应用程序沙盒方面,移动操作系统通常比桌面操作系统更安全。
- 应用程序无法获得根访问权限,只能访问您授予它们访问权限的系统资源。 桌面操作系统在成熟的沙箱方面通常比较落后。 ChromeOS具有与安卓类似的沙盒属性,而macOS具有完整的系统权限控制和(针对开发者)可选的应用程序沙盒,然而这些操作系统的确会将识别信息传输给各自的OEM。 Linux倾向于不向系统供应商提交信息,但它对漏洞和恶意应用程序的保护很差。 这一点可以通过大量使用虚拟机或容器的专门发行版(如Qubes OS)得到一定程度的缓解。
+ 应用程序无法获得根访问权限,只能访问您授予它们访问权限的系统资源。 桌面操作系统在成熟的沙箱方面通常比较落后。 ChromeOS具有与安卓类似的沙盒属性,而macOS具有完整的系统权限控制和(针对开发者)可选的应用程序沙盒,然而这些操作系统的确会将识别信息传输给各自的OEM。 Linux倾向于不向系统供应商提交信息,但它对漏洞和恶意应用程序的保护很差。 This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../desktop.md#qubes-os).
:material-target-account: 定向攻击
diff --git a/i18n/zh/basics/vpn-overview.md b/i18n/zh/basics/vpn-overview.md
index 3d003a34..04c23c88 100644
--- a/i18n/zh/basics/vpn-overview.md
+++ b/i18n/zh/basics/vpn-overview.md
@@ -5,70 +5,106 @@ icon: 资料/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
-虚拟专用网络是一种将你的网络末端延伸到世界其他地方的方式。 ISP可以看到进入和离开你的网络终端设备(即调制解调器)的互联网流量。
+Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
-Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
+Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
-VPN可以提供帮助,因为它可以将信任转移到世界其他地方的服务器上。 因此,ISP只看到你连接到了VPN,而对你传入的活动一无所知。
+Using a VPN hides even this information from your ISP, by shifting the trust you place in your network to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing through it.
+
+!!! note
+
+ When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../vpn.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
+
+## How does a VPN work?
+
+VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
+
+``` mermaid
+flowchart LR
+ 763931["Your Device(with VPN Client)
"] ===|"VPN Encryption"| 404512{"VPN Server"}
+ 404512 -.-|"No VPN Encryption"| 593753((("The Internet\n(Your Destination)")))
+ subgraph 763931["Your Device(with VPN Client)
"]
+ end
+```
+
+Note that a VPN does not add any security or encryption to your traffic between the VPN server and your destination on the internet. To access a website securely you **must** still ensure HTTPS is in use regardless of whether you use a VPN.
## 我应该使用VPN吗?
-**是的**,除非你已经在使用Tor。 VPN做两件事:将风险从你的互联网服务提供商转移到vpn本身,并从第三方服务中隐藏你的IP。
-
-VPN不能对你的设备和VPN服务器之间连接之外的数据进行加密。 VPN供应商可以像你的ISP一样看到并修改你的流量。 而且,没有办法以任何方式验证VPN供应商的 "无记录 "政策。
-
-然而,假如IP没有泄露,他们的确可以向第三方服务隐藏您的实际IP。 它们可以帮助您融入其他人并减轻基于IP的跟踪。
-
-## 什么时候我不应该使用VPN?
-
-Using a VPN in cases where you're using your [known identity](common-misconceptions.md#complicated-is-better) is unlikely be useful.
-
-这样做可能会触发垃圾邮件和欺诈检测系统,例如,如果你要登录银行的网站。
-
-## 那加密呢?
-
-VPN供应商提供的加密是在你的设备和他们的服务器之间。 它保证这个特定的链接是安全的。 这比使用未加密的代理更上一层楼,因为网络上的对手可以截获你的设备和上述代理之间的通信,并修改它们。 然而,你的应用程序或浏览器与服务提供商之间的加密并不由这种加密处理。
-
-为了保持你在你访问的网站上的实际操作的私密性和安全性,你必须使用HTTPS。 这将使你的密码、会话令牌和查询不被VPN供应商发现。 考虑在你的浏览器中启用 "HTTPS everywhere",以减轻降级攻击,如 [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf)。
-
-## 我是否应该使用带有VPN的加密DNS?
-
-除非你的VPN供应商托管加密的DNS服务器,否则 **,不要用**。 使用DOH/DOT(或任何其他形式的加密DNS)与第三方服务器将只是增加了更多的实体信任,对改善你的隐私/安全 **根本没用**。 你的VPN供应商仍然可以根据IP地址和其他方法看到你访问的网站。 你现在不是只信任你的VPN供应商,而是同时信任VPN供应商和DNS供应商。
-
-推荐加密DNS的一个常见原因是,它有助于防止DNS欺骗。 然而,你的浏览器应该已经在检查 [TLS证书](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) 与 **HTTPS** ,并警告你。 如果你没有使用 **HTTPS**,那么对手仍然可以直接修改你的DNS查询以外的任何东西,最终结果将没有什么不同。
-
-更不必说, **,你不应该共用Tor和加密DNS**。 这将把你所有的DNS请求定向到某个单一连接,并允许加密DNS提供商对你进行去匿名化。
-
-## 我应该共用Tor *和* VPN吗?
-
-通过将Vpn与Tor一起使用,您基本上创建了一个永久的入口节点,而且还通常附有资金相关的跟踪线索。 这没有为你带来额外的好处,同时大大增加了连接的攻击面。 如果您希望向ISP或政府隐藏Tor使用情况, Tor有内置的解决方案: Tor桥。 [阅读更多关于Tor桥和为什么使用VPN是没有必要的](tor-overview.md)。
-
-## 那如果我需要匿名呢?
-
-VPN不能提供匿名性。 你的VPN供应商仍然会看到你的真实IP地址,而且往往有一个可以直接关联到你的资金线索。 您不能依赖“无日志记录”策略来保护您的数据。 使用 [Tor](https://www.torproject.org/) 来代替。
-
-## 提供Tor节点的VPN供应商怎么样?
-
-不要使用该功能。 使用Tor的意义在于,你无需信任你的VPN供应商。 目前Tor只支持 [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) 协议。 [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc.), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. 为了弥补这一点,VPN供应商通常会将所有非TCP数据包通过其VPN服务器(你的第一跳)进行路由。 [ProtonVPN](https://protonvpn.com/support/tor-vpn/)就是这种情况。 此外,在使用这种Tor over VPN设置时, 您无法控制其他重要的Tor功能,例如 [目的地址隔离](https://www.whonix.org/wiki/Stream_Isolation) (对您访问的每个域名使用不同的Tor线路)。
-
-该功能应被视为访问Tor网络的一种便捷方式,而不是为了保持匿名。 为了获得适当的匿名性,请使用Tor浏览器、TorSocks或Tor网关。
-
-## VPN何时有用?
-
-VPN在各种情况下仍可能对您有用,例如:
+**Yes**, almost certainly. A VPN has many advantages, including:
1. **仅仅** 向您的Internet服务提供商隐藏流量。
1. 向你的ISP和反盗版组织隐藏你的下载(如torrent)。
-1. 向第三方网站和服务隐藏你的IP,防止基于IP的跟踪。
+1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Allowing you to bypass geo-restrictions on certain content.
-对于这样的情况,或者如果你有其他令人信服的理由,我们上面列出的VPN供应商是我们认为最值得信赖的人。 然而,使用VPN供应商仍然意味着你在 *信任* 该供应商。 几乎在任何其他情况下,你都应该使用一个**由设计保证的** 安全工具,如Tor。
+VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
-## 资料来源及延伸阅读
+VPNs cannot encrypt data outside the connection between your device and the VPN server. VPN providers can also see and modify your traffic the same way your ISP could, so there is still a level of trust you are placing in them. 而且,没有办法以任何方式验证VPN供应商的 "无记录 "政策。
-1. [VPN -一个非常危险的叙事 ](https://schub.io/blog/2019/04/08/very-precarious-narrative.html)作者:丹尼斯·舒伯特( Dennis Schubert )
-1. [Tor网络概述](../advanced/tor-overview.md)
-1. [IVPN隐私指南](https://www.ivpn.net/privacy-guides)
-1. ["我需要一个VPN吗?"](https://www.doineedavpn.com)这是由IVPN开发的一个工具,通过帮助个人决定VPN是否适合他们,来挑战咄咄逼人的VPN营销。
+## When isn't a VPN suitable?
+
+Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely be useful. 这样做可能会触发垃圾邮件和欺诈检测系统,例如,如果你要登录银行的网站。
+
+It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
+
+You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. 为了保持你在你访问的网站上的实际操作的私密性和安全性,你必须使用HTTPS。 This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
+
+## 我是否应该使用带有VPN的加密DNS?
+
+Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. 你的VPN供应商仍然可以根据IP地址和其他方法看到你访问的网站。 All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
+
+Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. 然而,你的浏览器应该已经在检查 [TLS证书](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) 与 **HTTPS** ,并警告你。 如果你没有使用 **HTTPS**,那么对手仍然可以直接修改你的DNS查询以外的任何东西,最终结果将没有什么不同。
+
+## 我应该共用Tor *和* VPN吗?
+
+Maybe, Tor is not necessarily suitable for everybody in the first place. Consider your [threat model](threat-modeling.md), because if your adversary is not capable of extracting information from your VPN provider, using a VPN alone may provide enough protection.
+
+If you do use Tor then you are *probably* best off connecting to the Tor network via a commercial VPN provider. However, this is a complex subject which we've written more about on our [Tor overview](../advanced/tor-overview.md) page.
+
+## Should I access Tor through VPN providers that provide "Tor nodes"?
+
+You should not use that feature: The primary advantage of using Tor is that you do not trust your VPN provider, which is negated when you use Tor nodes hosted by your VPN instead of connecting directly to Tor from your computer.
+
+Currently, Tor only supports the TCP protocol. UDP (used by [WebRTC](https://en.wikipedia.org/wiki/WebRTC), [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3), and other protocols), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol), and other packets will be dropped. 为了弥补这一点,VPN供应商通常会将所有非TCP数据包通过其VPN服务器(你的第一跳)进行路由。 [ProtonVPN](https://protonvpn.com/support/tor-vpn/)就是这种情况。 此外,在使用这种Tor over VPN设置时, 您无法控制其他重要的Tor功能,例如 [目的地址隔离](https://www.whonix.org/wiki/Stream_Isolation) (对您访问的每个域名使用不同的Tor线路)。
+
+The feature should be viewed as a *convenient* way to access hidden services on Tor, not to stay anonymous. For proper anonymity, use the actual [Tor Browser](../tor.md).
+
+## Commercial VPN Ownership
+
+Most VPN services are owned by the same [few companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/). These shady companies run lots of smaller VPN services to create the illusion that you have more choice than you actually do and to maximize profit. Typically, these providers that feed into their shell company have terrible privacy policies and shouldn't be trusted with your internet traffic. You should be very strict about which provider you decide to use.
+
+You should also be wary that many VPN review sites are merely advertising vehicles open to the highest bidder. ==Privacy Guides does not make money from recommending external products, and never uses affiliate programs.==
+
+[Our VPN Recommendations](../vpn.md ""){.md-button}
+
+## Modern VPN Alternatives
+
+Recently, some attempts have been made by various organizations to address some issues which centralized VPNs have. These technologies are relatively new, but worth keeping an eye on as the field develops.
+
+### Multi-Party Relays
+
+Multi-Party Relays (MPRs) use multiple nodes owned by different parties, such that no individual party knows both who you are and what you're connecting to. This is the basic idea behind Tor, but now there are some paid services that try to emulate this model.
+
+MPRs seek to solve a problem inherent to VPNs: the fact that you must trust them completely. They accomplish this goal by segmenting the responsibilities between two or more different companies. For example, Apple's iCloud+ Private Relay routes your traffic through two servers:
+
+1. Firstly, a server operated by Apple.
+
+ This server is able to see your device's IP when you connect to it, and has knowledge of your payment information and Apple ID tied to your iCloud subscription. However, it is unable to see what website you are connecting to.
+
+2. Secondly, a server operated by a partner CDN, such as Cloudflare or Fastly.
+
+ This server actually makes the connection to your destination website, but has no knowledge of your device. The only IP address it knows about is Apple's server's.
+
+Other MPRs run by different companies like Google or INVISV operate in a very similar manner. This protection by segmentation only exists if you trust the two companies to not collude with each other to deanonymize you.
+
+### Decentralized VPNs
+
+Another attempt at solving the issues with centralized VPN services are dVPNs. These are based on blockchain technology and claim to eliminate trust in a single party by distributing the nodes across lots of different people. However, many times a dVPN will default to a single node, meaning you need to trust that node completely, just like a traditional VPN. Unlike a traditional VPN, this one node that can see all your traffic is a random person instead of your VPN provider that can be audited and has legal responsibilities to uphold their privacy policy. Multi-hop is needed to solve this, but that comes with a stability and performance cost.
+
+Another consideration is legal liability. The exit node will need to deal with legal problems from misuse of the network, an issue that the Tor network has contended with for its entire existence. This discourages regular people from running nodes and makes it more attractive for a malicious actor with lots of resources to host one. This is a big problem if the service is single-node, as the potentially malicious exit node can see who you are and what you're connecting to.
+
+Many dVPNs are used to push a cryptocurrency rather than to make the best service. They also tend to be smaller networks with fewer nodes, making them more vulnerable to [Sybil attacks](https://en.wikipedia.org/wiki/Sybil_attack).
## VPN的相关信息
@@ -76,3 +112,4 @@ VPN在各种情况下仍可能对您有用,例如:
- [免费VPN应用调查](https://www.top10vpn.com/free-vpn-app-investigation/)
- [揭开隐蔽VPN所有者的面纱:101个VPN产品仅由23家公司运营](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [这家中国公司秘密地在24个流行的应用程序背后寻求危险的权限](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
+- [VPN -一个非常危险的叙事 ](https://schub.io/blog/2019/04/08/very-precarious-narrative.html)作者:丹尼斯·舒伯特( Dennis Schubert )
diff --git a/i18n/zh/desktop.md b/i18n/zh/desktop.md
index 2af0b1a5..fa4cfedd 100644
--- a/i18n/zh/desktop.md
+++ b/i18n/zh/desktop.md
@@ -120,11 +120,9 @@ Nix是一个基于源代码的软件包管理器;如果在二进制缓存中
Whonix旨在作为两个虚拟机运行:一个 "工作站 "和一个Tor "网关"。 工作站的所有通信都必须通过Tor网关。 这意味着,即使工作站被某种恶意软件入侵,真实的IP地址仍然是隐藏的。
-它的一些功能包括Tor流隔离, [按键匿名化](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [加密的交换](https://github.com/Whonix/swap-file-creator),以及一个加固的内存分配器。
+Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
-Whonix的未来版本可能包括 [全系统AppArmor策略](https://github.com/Whonix/apparmor-profile-everything) 和 [沙盒应用程序启动器](https://www.whonix.org/wiki/Sandbox-app-launcher) ,以完全限制系统上的所有进程。
-
-[Whonix最好与Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers),Qubes-Whonix与其他管理程序相比有各种 [,缺点](https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581)。
+Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
diff --git a/i18n/zh/device-integrity.md b/i18n/zh/device-integrity.md
new file mode 100644
index 00000000..f6288aea
--- /dev/null
+++ b/i18n/zh/device-integrity.md
@@ -0,0 +1,223 @@
+---
+title: Device Integrity
+icon: material/security
+description: These tools can be used to check your devices for compromise.
+cover: device-integrity.webp
+---
+
+These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
+
+!!! note "This is an advanced topic"
+
+```
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
+```
+
+It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
+
+## General Advice
+
+The majority of system-level exploits on modern mobile devices—especially zero-click compromises—are non-persistent, meaning they will not remain or run automatically after a reboot. For this reason, we highly recommend rebooting your device regularly. We recommend everybody reboot their devices once a week at minimum, but if non-persistent malware is of particular concern for you, we and many security experts recommend a daily reboot schedule.
+
+This means an attacker would have to regularly re-infect your device to retain access, although we'll note this is not impossible. Rebooting your device also will not protect you against _persistent_ malware, but this is less common on mobile devices due to modern security features like secure/verified boot.
+
+## Post-Compromise Information & Disclaimer
+
+If any of the following tools indicate a potential compromise by spyware such as Pegasus, Predator, or KingsPawn, we advise that you contact:
+
+- If you are a human rights defender, journalist, or from a civil society organization: [Amnesty International's Security Lab](https://securitylab.amnesty.org/contact-us/)
+- If a business or government device is compromised: Contact the appropriate security liason at your enterprise, department, or agency
+- Local law enforcement
+
+**We are unable to help you directly beyond this.** We are happy to discuss your specific situation or circumstances and review your results in our [community](https://discuss.privacyguides.net) spaces, but it is unlikely we can assist you beyond what is written on this page.
+
+The tools on this page are only capable of detecting indicators of compromise, not removing them. If you are concerned about having been compromised, we advise that you:
+
+- Consider replacing the device completely
+- Consider changing your SIM/eSIM number
+- Not restore from a backup, because that backup may be compromised
+
+These tools provide analysis based on the information they have the ability to access from your device, and publicly-accessible indicators of compromise. It is important to keep in mind two things:
+
+1. Indicators of compromise are just that: _indicators_. They are not a definitive finding, and may occasionally be **false positives**. If an indicator of compromise is detected, it means you should do additional research into the _potential_ threat.
+2. The indicators of compromise these tools look for are published by threat research organizations, but not all indicators are made available to the public! This means that these tools can present a **false negative**, if your device is infected with spyware which is not detected by any of the public indicators. Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+## External Verification Tools
+
+External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
+
+!!! 危险
+
+```
+Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
+
+Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
+
+Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Now’s Digital Security Helpline](https://www.accessnow.org/help/).
+```
+
+These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
+
+### Mobile Verification Toolkit
+
+!!! recommendation
+
+```
+{ align=right }
+
+**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
+
+[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
+[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
+
+??? downloads
+
+ - [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
+ - [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
+```
+
+!!! 推荐
+
+```
+Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
+
+If you use iOS and are at high-risk, we have three additional suggestions for you:
+
+1. Create and keep regular (monthly) iTunes backups. This allows you to find and diagnose past infections later with MVT, if new threats are discovered in the future.
+
+2. Trigger _sysdiagnose_ logs often and back them up externally. These logs can provide invaluable data to future forensic investigators if need be.
+
+ The process to do so varies by model, but you can trigger it on newer phones by holding down _Power_ + _Volume Up_ + _Volume Down_ until you feel a brief vibration. After a few minutes, the timestamped _sysdiagnose_ log will appear in **Settings** > **Privacy & Security** > **Analytics & Improvements** > **Analytics Data**.
+
+3. Enable [Lockdown Mode](https://blog.privacyguides.org/2022/10/27/macos-ventura-privacy-security-updates/#lockdown-mode).
+
+MVT allows you to perform deeper scans/analysis if your device is jailbroken. Unless you know what you are doing, **do not jailbreak or root your device.** Jailbreaking your device exposes it to considerable security risks.
+
+### iMazing (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
+
+[:octicons-home-16: Homepage](https://imazing.com/){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-windows11: Windows](https://imazing.com/download)
+ - [:simple-apple: macOS](https://imazing.com/download)
+```
+
+iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
+
+## On-Device Verification
+
+These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
+
+!!! 推荐
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Auditor (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
+
+[:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
+[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
+ - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
+ - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
+```
+
+Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
+
+Auditor performs attestation and intrusion detection with **two** devices, an _auditee_ (the device being verified) and an _auditor_ (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](android.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
+
+- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an _auditor_ and _auditee_, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the _Auditor_.
+- The _auditor_ can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
+- The _auditor_ records the current state and configuration of the _auditee_.
+- Should tampering with the operating system of the _auditee_ happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
+- You will be alerted to the change.
+
+It is important to note that Auditor can only effectively detect changes **after** the initial pairing, not necessarily during or before due to its TOFU model. To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
+
+No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
+
+If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
+
+## On-Device Scanners
+
+These are apps you can install on your device which scan your device for signs of compromise.
+
+!!! 推荐
+
+```
+Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
+```
+
+### Hypatia (Android)
+
+!!! recommendation
+
+```
+{ align=right }
+{ align=right }
+
+**Hypatia** is an open source real-time malware scanner for Android, from the developer of [DivestOS](android.md#divestos). It accesses the internet to download signature database updates, but does not upload your files or any metadata to the cloud (scans are performed entirely locally).
+
+[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#hypatia){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://divestos.org/pages/privacy_policy#hypatia){ .card-link title="Privacy Policy" }
+[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
+
+??? downloads
+
+ - [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
+```
+
+Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
+
+### iVerify (iOS)
+
+!!! recommendation
+
+```
+{ align=right }
+
+**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+
+[:octicons-home-16: Homepage](https://www.iverify.io/consumer){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
+
+??? downloads
+
+ - [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
+```
+
+Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.
+
+iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example.
+
+In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google.
diff --git a/i18n/zh/os/qubes-overview.md b/i18n/zh/os/qubes-overview.md
index 0cf96212..f4a50667 100644
--- a/i18n/zh/os/qubes-overview.md
+++ b/i18n/zh/os/qubes-overview.md
@@ -52,6 +52,25 @@ The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Q
+## Connecting to Tor via a VPN
+
+We [recommend](../advanced/tor-overview.md) connecting to the Tor network via a [VPN](../vpn.md) provider, and luckily Qubes makes this easy to do with a combination of ProxyVMs and Whonix.
+
+After [creating a new ProxyVM](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) which connects to the VPN of your choice, you can chain your Whonix qubes to that ProxyVM **before** they connect to the Tor network, by setting the NetVM of your Whonix **Gateway** (`sys-whonix`) to the newly-created ProxyVM.
+
+Your qubes should be configured in a manner similar to this:
+
+| Qube name | Qube description | NetVM |
+| --------------- | ---------------------------------------------------------------------------------------------------------------- | --------------- |
+| sys-net | *Your default network qube (pre-installed)* | *n/a* |
+| sys-firewall | *Your default firewall qube (pre-installed)* | sys-net |
+| ==sys-proxyvm== | The VPN ProxyVM you [created](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) | sys-firewall |
+| sys-whonix | Your Whonix Gateway VM | ==sys-proxyvm== |
+| anon-whonix | Your Whonix Workstation VM | sys-whonix |
+
+
+
+
## 其它资源
关于其他信息,我们鼓励你查阅位于 [Qubes OS网站上的大量Qubes OS文档页面](https://www.qubes-os.org/doc/)。 离线拷贝可以从Qubes OS [文档库中下载](https://github.com/QubesOS/qubes-doc)。
diff --git a/i18n/zh/tools.md b/i18n/zh/tools.md
index a791ff62..d1dbd461 100644
--- a/i18n/zh/tools.md
+++ b/i18n/zh/tools.md
@@ -163,6 +163,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji }{ .twemoji } [Privacy.com](financial-services.md#privacycom-us)
- { .twemoji }{ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
+
[了解更多 :hero-arrow-circle-right-fill:](financial-services.md#payment-masking-services)
@@ -439,7 +440,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
- { .twemoji } [Obtainium (App Manager)](android.md#obtainium)
- { .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- { .twemoji } [Shelter (Work Profiles)](android.md#shelter)
-- { .twemoji }{ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- { .twemoji }{ .twemoji } [Secure Camera](android.md#secure-camera)
- { .twemoji }{ .twemoji } [Secure PDF Viewer](android.md#secure-pdf-viewer)
@@ -476,3 +476,21 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[了解更多 :hero-arrow-circle-right-fill:](router.md)
+
+## Advanced Tools
+
+These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to utilize effectively.
+
+### Device Integrity Verification
+
+
+
+- { .twemoji } [Mobile Verification Toolkit](device-integrity.md#mobile-verification-toolkit)
+- { .twemoji } [iMazing (iOS)](device-integrity.md#imazing-ios)
+- { .twemoji }{ .twemoji } [Auditor (Android)](device-integrity.md#auditor-android)
+- { .twemoji }{ .twemoji } [Hypatia (Android)](device-integrity.md#hypatia-android)
+- { .twemoji } [iVerify (iOS)](device-integrity.md#iverify-ios)
+
+
+
+[了解更多 :hero-arrow-circle-right-fill:](device-integrity.md)
diff --git a/i18n/zh/tor.md b/i18n/zh/tor.md
index 1f26629d..4b38ce87 100644
--- a/i18n/zh/tor.md
+++ b/i18n/zh/tor.md
@@ -39,7 +39,15 @@ Tor的工作原理是通过这些志愿者操作的服务器路由您的互联
## 连接到Tor
-有多种方法可以从您的设备连接到Tor网络,最常用的是 **Tor浏览器**,这是Firefox的一个分支,专为桌面计算机和Android的匿名浏览而设计。 除了下面列出的应用程序,还有专门设计用于连接到Tor网络的操作系统,例如 [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os),它提供了比标准Tor浏览器更高的安全性和保护。
+!!! tip
+
+ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-overview.md) on what Tor is and how to connect to it safely. We often recommend connecting to Tor through a trusted [VPN provider](vpn.md), but you have to do so **properly** to avoid decreasing your anonymity.
+
+有多种方法可以从您的设备连接到Tor网络,最常用的是 **Tor浏览器**,这是Firefox的一个分支,专为桌面计算机和Android的匿名浏览而设计。
+
+Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
+
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
### Tor浏览器
@@ -69,6 +77,8 @@ Tor的工作原理是通过这些志愿者操作的服务器路由您的互联
Tor浏览器旨在防止指纹识别,或根据您的浏览器配置识别您。 Therefore, it is imperative that you do **not** modify the browser beyond the default [security levels](https://tb-manual.torproject.org/security-settings/).
+In addition to installing Tor Browser on your computer directly, there are also operating systems designed specifically to connect to the Tor network such as [Whonix](desktop.md#whonix) on [Qubes OS](desktop.md#qubes-os), which provide even greater security and protections than the standard Tor Browser alone.
+
### Orbot
!!! recommendation
diff --git a/includes/strings.ar.yml b/includes/strings.ar.yml
index e8aa2ed8..eb5a309a 100644
--- a/includes/strings.ar.yml
+++ b/includes/strings.ar.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: تصفح الإنترنت
Providers: مقدمو الخدمات
Software: البرامج
+ Advanced: Advanced
About: نبذة
Community: المجتمع
Online Services: خدمات الإنترنت
diff --git a/includes/strings.bn-IN.yml b/includes/strings.bn-IN.yml
index 1eebfce3..843d6f7a 100644
--- a/includes/strings.bn-IN.yml
+++ b/includes/strings.bn-IN.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Internet Browsing
Providers: Providers
Software: Software
+ Advanced: Advanced
About: About
Community: Community
Online Services: Online Services
diff --git a/includes/strings.bn.yml b/includes/strings.bn.yml
index ab0a57eb..e012ff14 100644
--- a/includes/strings.bn.yml
+++ b/includes/strings.bn.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: ইন্টারনেট পরিব্রাজন
Providers: সরবরাহকারী
Software: সফটওয়্যার
+ Advanced: Advanced
About: পরিচিতি
Community: সম্প্রদায়
Online Services: অনলাইন সেবা
diff --git a/includes/strings.cs.yml b/includes/strings.cs.yml
index 9d5ca423..46243cd2 100644
--- a/includes/strings.cs.yml
+++ b/includes/strings.cs.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Prohlížení Internetu
Providers: Poskytovatelé
Software: Software
+ Advanced: Advanced
About: O nás
Community: Komunita
Online Services: Online služby
diff --git a/includes/strings.de.yml b/includes/strings.de.yml
index 32deffa2..02ccd993 100644
--- a/includes/strings.de.yml
+++ b/includes/strings.de.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Im Internet Surfen
Providers: Anbieter
Software: Software
+ Advanced: Advanced
About: Über uns
Community: Community
Online Services: Onlinedienste
diff --git a/includes/strings.el.yml b/includes/strings.el.yml
index b89f5a92..9ef32e08 100644
--- a/includes/strings.el.yml
+++ b/includes/strings.el.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Internet Browsing
Providers: Providers
Software: Software
+ Advanced: Advanced
About: About
Community: Community
Online Services: Online Services
diff --git a/includes/strings.eo.yml b/includes/strings.eo.yml
index 881f2190..3cc878f6 100644
--- a/includes/strings.eo.yml
+++ b/includes/strings.eo.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Retumado
Providers: Provizantoj
Software: Programaro
+ Advanced: Advanced
About: Pri
Community: Komunumo
Online Services: Enretaj Servicoj
diff --git a/includes/strings.es.yml b/includes/strings.es.yml
index e58d03e6..4e154e55 100644
--- a/includes/strings.es.yml
+++ b/includes/strings.es.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Navegación por Internet
Providers: Proveedores
Software: Software
+ Advanced: Advanced
About: Acerca de
Community: Comunidad
Online Services: Servicios en línea
diff --git a/includes/strings.fa.yml b/includes/strings.fa.yml
index b143d36a..d055e94c 100644
--- a/includes/strings.fa.yml
+++ b/includes/strings.fa.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: گشت و گزار در اینترنت
Providers: تامینکنندهگان
Software: نرم افزار
+ Advanced: Advanced
About: درباره ما
Community: انجمن
Online Services: خدمات آنلاین
diff --git a/includes/strings.fr.yml b/includes/strings.fr.yml
index 87354cdd..b79ec572 100644
--- a/includes/strings.fr.yml
+++ b/includes/strings.fr.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Navigation internet
Providers: Fournisseurs
Software: Logiciels
+ Advanced: Advanced
About: À propos
Community: Communauté
Online Services: Services en ligne
diff --git a/includes/strings.he.yml b/includes/strings.he.yml
index effb1709..31eed9ab 100644
--- a/includes/strings.he.yml
+++ b/includes/strings.he.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: גלישה באינטרנט
Providers: ספקים
Software: תוכנה
+ Advanced: Advanced
About: על אודות
Community: קהילה
Online Services: שירותים מקוונים
diff --git a/includes/strings.hi.yml b/includes/strings.hi.yml
index 4501f421..8a1b4bf5 100644
--- a/includes/strings.hi.yml
+++ b/includes/strings.hi.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Internet Browsing
Providers: Providers
Software: Software
+ Advanced: Advanced
About: About
Community: Community
Online Services: Online Services
diff --git a/includes/strings.hu.yml b/includes/strings.hu.yml
index 46fa5ad6..cc3d09ff 100644
--- a/includes/strings.hu.yml
+++ b/includes/strings.hu.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Internet Böngészés
Providers: Szolgáltatók
Software: Szoftver
+ Advanced: Advanced
About: Rólunk
Community: Közösség
Online Services: Online Szolgáltatások
diff --git a/includes/strings.id.yml b/includes/strings.id.yml
index feb4b24e..3c9659b6 100644
--- a/includes/strings.id.yml
+++ b/includes/strings.id.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Penjelajahan Internet
Providers: Providers
Software: Perangkat lunak
+ Advanced: Advanced
About: Tentang
Community: Komunitas
Online Services: Layanan Daring
diff --git a/includes/strings.it.yml b/includes/strings.it.yml
index 44321a6e..89ebfcd1 100644
--- a/includes/strings.it.yml
+++ b/includes/strings.it.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Navigazione su Internet
Providers: Fornitori
Software: Software
+ Advanced: Advanced
About: Informazioni
Community: Community
Online Services: Servizi Online
diff --git a/includes/strings.ja.yml b/includes/strings.ja.yml
index 1a673ac1..d7b5d160 100644
--- a/includes/strings.ja.yml
+++ b/includes/strings.ja.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: インターネットブラウジング
Providers: プロバイダ
Software: ソフトウェア
+ Advanced: Advanced
About: 概要
Community: コミュニティ
Online Services: オンラインサービス
diff --git a/includes/strings.ko.yml b/includes/strings.ko.yml
index 52ef1a65..3300f987 100644
--- a/includes/strings.ko.yml
+++ b/includes/strings.ko.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: 인터넷 탐색
Providers: 서비스 제공자
Software: 소프트웨어
+ Advanced: Advanced
About: 소개
Community: 커뮤니티
Online Services: 온라인 서비스
diff --git a/includes/strings.ku-IQ.yml b/includes/strings.ku-IQ.yml
index 55ebe270..739424eb 100644
--- a/includes/strings.ku-IQ.yml
+++ b/includes/strings.ku-IQ.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Internet Browsing
Providers: Providers
Software: Software
+ Advanced: Advanced
About: About
Community: Community
Online Services: Online Services
diff --git a/includes/strings.nl.yml b/includes/strings.nl.yml
index 69432b54..e32e811a 100644
--- a/includes/strings.nl.yml
+++ b/includes/strings.nl.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Surfen op het internet
Providers: Providers
Software: Software
+ Advanced: Advanced
About: Over ons
Community: Gemeenschap
Online Services: Online diensten
diff --git a/includes/strings.pl.yml b/includes/strings.pl.yml
index 1593f006..2e663f4a 100644
--- a/includes/strings.pl.yml
+++ b/includes/strings.pl.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Przeglądanie Internetu
Providers: Dostawcy
Software: Oprogramowanie
+ Advanced: Advanced
About: O aplikacji
Community: Społeczność
Online Services: Usługi online
diff --git a/includes/strings.pt-BR.yml b/includes/strings.pt-BR.yml
index 7d094f38..23611bed 100644
--- a/includes/strings.pt-BR.yml
+++ b/includes/strings.pt-BR.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Navegação na Internet
Providers: Provedores
Software: Software (Programa)
+ Advanced: Advanced
About: Sobre
Community: Comunidade
Online Services: Serviços Online
diff --git a/includes/strings.pt.yml b/includes/strings.pt.yml
index b70c93dd..4d2c4407 100644
--- a/includes/strings.pt.yml
+++ b/includes/strings.pt.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Navegação na Internet
Providers: Fornecedores
Software: Software
+ Advanced: Advanced
About: Sobre nós
Community: Comunidade
Online Services: Serviços Online
diff --git a/includes/strings.ru.yml b/includes/strings.ru.yml
index bd4ef29a..9f587121 100644
--- a/includes/strings.ru.yml
+++ b/includes/strings.ru.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Интернет-браузинг
Providers: Провайдеры
Software: Программное обеспечение
+ Advanced: Advanced
About: О сайте
Community: Сообщество
Online Services: Онлайн-сервисы
diff --git a/includes/strings.sv.yml b/includes/strings.sv.yml
index 916d4a56..d141f104 100644
--- a/includes/strings.sv.yml
+++ b/includes/strings.sv.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Internet Browsing
Providers: Providers
Software: Programvara
+ Advanced: Advanced
About: About
Community: Community
Online Services: Online Services
diff --git a/includes/strings.tr.yml b/includes/strings.tr.yml
index a5761529..d1265016 100644
--- a/includes/strings.tr.yml
+++ b/includes/strings.tr.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: İnternette Gezinme
Providers: Sağlayıcılar
Software: Yazılım
+ Advanced: Advanced
About: Hakkında
Community: Topluluk
Online Services: Çevrimiçi Hizmetler
diff --git a/includes/strings.uk.yml b/includes/strings.uk.yml
index ca56377a..463e7ed0 100644
--- a/includes/strings.uk.yml
+++ b/includes/strings.uk.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Internet Browsing
Providers: Providers
Software: Software
+ Advanced: Advanced
About: About
Community: Community
Online Services: Онлайн-сервіси
diff --git a/includes/strings.vi.yml b/includes/strings.vi.yml
index 9eac4074..37fcd072 100644
--- a/includes/strings.vi.yml
+++ b/includes/strings.vi.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: Internet Browsing
Providers: Providers
Software: Software
+ Advanced: Advanced
About: About
Community: Community
Online Services: Dịch Vụ Trực Tuyến
diff --git a/includes/strings.zh-Hant.yml b/includes/strings.zh-Hant.yml
index 9fec96f6..ec08bfd6 100644
--- a/includes/strings.zh-Hant.yml
+++ b/includes/strings.zh-Hant.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: 網際網路瀏覽
Providers: 提供者
Software: 軟體
+ Advanced: Advanced
About: 關於
Community: 社群
Online Services: 線上服務
diff --git a/includes/strings.zh.yml b/includes/strings.zh.yml
index 49aa1b26..5d8f0d7b 100644
--- a/includes/strings.zh.yml
+++ b/includes/strings.zh.yml
@@ -36,6 +36,7 @@ nav:
Internet Browsing: 网页浏览
Providers: 供应商
Software: 软件
+ Advanced: Advanced
About: 关于
Community: 社区
Online Services: 在线服务