privacyguides/i18n
1
0
Fork 0
mirror of https://github.com/privacyguides/i18n.git synced 2025-08-28 17:09:16 +00:00
Code Activity

New Crowdin translations by GitHub Action

Browse Source
This commit is contained in:
Crowdin Bot
2023-04-20 04:04:21 +00:00
parent 24759ff0b0
commit 6550198ac9
58 changed files with 399 additions and 395 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
i18n/zh-Hant/dns.md
View File

@@ -11,14 +11,14 @@ cover: dns.png
## 推薦的 DNS 提供商
| DNS 提供者 | 隐私政策 | 協議 | 日誌記錄 | ECS | 篩選 |
| ------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ------ | --- | -------------------------------------------------------------------------------------------------------------------------- |
| [**AdGuard**](https://adguard.com/en/adguard-dns/overview.html) | [:octicons-link-external-24:](https://adguard.com/en/privacy/dns.html) | Cleartext <br> DoH/3 <br> DoT <br> DNSCrypt | 一些[^1] | 不是 | Based on personal configuration. 使用的過濾器列表可以在這裡找到。 [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) |
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1/) | [:octicons-link-external-24:](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/) | 明文 <br> DoH/3 <br> DoT | 一些[^2] | 不是 | Based on personal configuration. |
| [**Control D**](https://controld.com/free-dns) | [:octicons-link-external-24:](https://controld.com/privacy) | 明文 <br> DoH/3 <br> DoT <br> DoQ | 可選[^3] | 不是 | Based on personal configuration. |
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | [:octicons-link-external-24:](https://mullvad.net/en/help/no-logging-data-policy/) | DoH <br> DoT | 否[^4] | 不是 | Based on personal configuration. 正在使用的過濾器列表可以在這裡找到。 [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) |
| [**NextDNS**](https://www.nextdns.io) | [:octicons-link-external-24:](https://www.nextdns.io/privacy) | 明文 <br> DoH/3 <br> DoT | 可選[^5] | 可選的 | Based on personal configuration. |
| [**Quad9**](https://quad9.net) | [:octicons-link-external-24:](https://quad9.net/privacy/policy/) | 明文 <br> DoH <br> DoT <br> DNSCrypt | 一些[^6] | 可選的 | Based on personal configuration, Malware blocking by default. |
| DNS 提供者 | 隐私政策 | 協議 | 日誌記錄 | ECS | 篩選 |
| ------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ------ | --- | ------------------------------------------------------------------------------------------------- |
| [**AdGuard**](https://adguard.com/en/adguard-dns/overview.html) | [:octicons-link-external-24:](https://adguard.com/en/privacy/dns.html) | Cleartext <br> DoH/3 <br> DoT <br> DNSCrypt | 一些[^1] | 不是 | 根據個人配置。 使用的過濾器列表可以在這裡找到。 [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) |
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1/) | [:octicons-link-external-24:](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/) | 明文 <br> DoH/3 <br> DoT | 一些[^2] | 不是 | 根據個人配置。 |
| [**Control D**](https://controld.com/free-dns) | [:octicons-link-external-24:](https://controld.com/privacy) | 明文 <br> DoH/3 <br> DoT <br> DoQ | 可選[^3] | 不是 | 根據個人配置。 |
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | [:octicons-link-external-24:](https://mullvad.net/en/help/no-logging-data-policy/) | DoH <br> DoT | 否[^4] | 不是 | 根據個人配置。 正在使用的過濾器列表可以在這裡找到。 [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) |
| [**NextDNS**](https://www.nextdns.io) | [:octicons-link-external-24:](https://www.nextdns.io/privacy) | 明文 <br> DoH/3 <br> DoT | 可選[^5] | 可選的 | 根據個人配置。 |
| [**Quad9**](https://quad9.net) | [:octicons-link-external-24:](https://quad9.net/privacy/policy/) | 明文 <br> DoH <br> DoT <br> DNSCrypt | 一些[^6] | 可選的 | 根據個人設定,預設會封鎖惡意軟體。 |
### 標準
@@ -33,13 +33,13 @@ cover: dns.png
- 可讓 [ECS](advanced/dns-overview.md#what-is-edns-client-subnet-ecs)禁用 。
- 首選 [anycast](https://en.wikipedia.org/wiki/Anycast#Addressing_methods) 支援或地理轉向支援。
## Native Operating System Support
## 原生作業系統支援
### 安卓
Android 9 以上版本支持 DoT (DNS over TLS)。 設定方式可以在以下位置找到: **設定** &rarr; **網路 & 網際網路** &rarr; **私人 DNS**
### Apple Devices
### Apple裝置
最新版本的 iOS、iPadOS、tvOS 和 macOS 都支持 DoT 和 DoH。 這兩個通訊協議都透過 [組態檔](https://support.apple.com/guide/security/configuration-profile-enforcement-secf6fb9f053/web) 或透過 [DNS 設定 API ](https://developer.apple.com/documentation/networkextension/dns_settings)獲得原生支援。
@@ -101,7 +101,7 @@ Apple不提供用於建立加密DNS設定檔的原生介面。 [Secure DNS profi
在被控制平臺,自主託管 DNS 可提供有用的過濾,例如智能電視和其他物聯網設備,因為不需要客戶端軟件。
### AdGuard Home
### AdGuard首頁
!!! recommendation

4
i18n/zh-Hant/financial-services.md
View File

@@ -75,9 +75,9 @@ Privacy.com 預設情況下將您購買的商家資訊提供給您的銀行。
!!! recommendation
! [CakePay 標誌] (assets/img/financial-services/coincards.svg) {align = right}
![CoinCards logo](assets/img/financial-services/coincards.svg){ align=right }
* * CoinCards * * (在美國和加拿大可用)允許您購買各商家禮品卡。
**CoinCards** (available in the US and Canada) allows you to purchase gift cards for a large variety of merchants.
[:octicons-home-16: Homepage](https://coincards.com/){ .md-button .md-button--primary }
[:octicons-eye-16:](https://coincards.com/privacy-policy/){ .card-link title="Privacy Policy" }

42
i18n/zh-Hant/os/android-overview.md
View File

@@ -1,32 +1,32 @@
---
title: Android Overview
title: Android 概述
icon: simple/android
description: Android is an open-source operating system with strong security protections, which makes it our top choice for phones.
description: Android是一個開源作業系統,具有強大的安全保護,使其成為手機的首選。
---
Android is a secure operating system that has strong [app sandboxing](https://source.android.com/security/app-sandbox), [Verified Boot](https://source.android.com/security/verifiedboot) (AVB), and a robust [permission](https://developer.android.com/guide/topics/permissions/overview) control system.
Android是一個安全的操作系統,具有強大的 [應用程式沙盒](https://source.android.com/security/app-sandbox) [Verified Boot](https://source.android.com/security/verifiedboot) AVB)和強大的 [許可](https://developer.android.com/guide/topics/permissions/overview) 控制系統。
## Choosing an Android Distribution
## 選擇Android 發佈版本
When you buy an Android phone, the device's default operating system often comes with invasive integration with apps and services that are not part of the [Android Open-Source Project](https://source.android.com/). An example of such is Google Play Services, which has irrevocable privileges to access your files, contacts storage, call logs, SMS messages, location, camera, microphone, hardware identifiers, and so on. These apps and services increase the attack surface of your device and are the source of various privacy concerns with Android.
當購買 Android 手機時,該設備的預設作業系統通常放入非 [Android 開源專案](https://source.android.com/)的應用程式與服務,成為侵入性整合。 例如, Google Play 服務擁有不可撤銷的權限可存取您的檔案、聯絡人儲存空間、通話記錄、SMS訊息、位置、攝影機、麥克風、硬體識別碼等。 這些應用程式和服務增加了設備的攻擊面,成為 Android 各種隱私問題的來源。
This problem could be solved by using a custom Android distribution that does not come with such invasive integration. Unfortunately, many custom Android distributions often violate the Android security model by not supporting critical security features such as AVB, rollback protection, firmware updates, and so on. Some distributions also ship [`userdebug`](https://source.android.com/setup/build/building#choose-a-target) builds which expose root via [ADB](https://developer.android.com/studio/command-line/adb) and require [more permissive](https://github.com/LineageOS/android_system_sepolicy/search?q=userdebug&type=code) SELinux policies to accommodate debugging features, resulting in a further increased attack surface and weakened security model.
這個問題可以通過使用自訂的 Android 發行版來解決,而這些發行版不會附帶這種侵入性整合。 不幸的是,許多自定義 Android 發行版常常違反 Android 安全模式,不支持重要的安全功能,如 AVB 、回滾保護、韌體更新等。 一些發行版還提供了 [`userdebug`](https://source.android.com/setup/build/building#choose-a-target) 版本,這類版本可通過 [ ADB ](https://developer.android.com/studio/command-line/adb) 暴露了根目錄,且要求 [更寬鬆的](https://github.com/LineageOS/android_system_sepolicy/search?q=userdebug&type=code) SELinux政策以適應調試,導致進一步增加攻擊面並削弱安全模型。
Ideally, when choosing a custom Android distribution, you should make sure that it upholds the Android security model. At the very least, the distribution should have production builds, support for AVB, rollback protection, timely firmware and operating system updates, and SELinux in [enforcing mode](https://source.android.com/security/selinux/concepts#enforcement_levels). All of our recommended Android distributions satisfy these criteria.
理想情況下,在選擇客製 Android 發行版時應該確保它符合Android 安全模型。 至少該發行版應該具有生產構建支持AVB 回滾保護及時韌體和操作系統更新以及SELinux [開啟模式](https://source.android.com/security/selinux/concepts#enforcement_levels)。 我們推薦的 Android 發行版都符合這些標準。
[Our Android System Recommendations :material-arrow-right-drop-circle:](../android.md ""){.md-button}
[Android 系統建議 :material-arrow-right-drop-circle:](../android.md ""){.md-button}
## Avoid Rooting
## 避免 Root
[Rooting](https://en.wikipedia.org/wiki/Rooting_(Android)) Android phones can decrease security significantly as it weakens the complete [Android security model](https://en.wikipedia.org/wiki/Android_(operating_system)#Security_and_privacy). This can decrease privacy should there be an exploit that is assisted by the decreased security. Common rooting methods involve directly tampering with the boot partition, making it impossible to perform successful Verified Boot. Apps that require root will also modify the system partition meaning that Verified Boot would have to remain disabled. Having root exposed directly in the user interface also increases the [attack surface](https://en.wikipedia.org/wiki/Attack_surface) of your device and may assist in [privilege escalation](https://en.wikipedia.org/wiki/Privilege_escalation) vulnerabilities and SELinux policy bypasses.
[Rooting](https://en.wikipedia.org/wiki/Rooting_(Android)) Android phones can decrease security significantly as it weakens the complete [Android security model](https://en.wikipedia.org/wiki/Android_(operating_system)#Security_and_privacy). 這可能會降低隱私,如果有一個漏洞被降低的安全性所輔助。 常見的 root 方法涉及直接篡改開機分割區以至於造成無法成功執行Verified Boot。 需要 root 的應用程式也會修改系統分割區,這意味著 Verified Boot 必須維持停用。 直接在使用者介面中暴露 root 也會增加裝置的 [攻擊面](https://en.wikipedia.org/wiki/Attack_surface) ,助長 [特權升級](https://en.wikipedia.org/wiki/Privilege_escalation) 漏洞和 SELinux 政策繞過。
Adblockers, which modify the [hosts file](https://en.wikipedia.org/wiki/Hosts_(file)) (AdAway) and firewalls (AFWall+) which require root access persistently are dangerous and should not be used. They are also not the correct way to solve their intended purposes. For Adblocking we suggest encrypted [DNS](../dns.md) or [VPN](../vpn.md) server blocking solutions instead. RethinkDNS, TrackerControl and AdAway in non-root mode will take up the VPN slot (by using a local loopback VPN) preventing you from using privacy enhancing services such as Orbot or a real VPN server.
修改 [hosts file](https://en.wikipedia.org/wiki/Hosts_(file)) (AdAway)和永久需要root存取的防火牆(AFWall +)的Adblocker是危險的不應該使用。 They are also not the correct way to solve their intended purposes. For Adblocking we suggest encrypted [DNS](../dns.md) or [VPN](../vpn.md) server blocking solutions instead. RethinkDNS, TrackerControl and AdAway in non-root mode will take up the VPN slot (by using a local loopback VPN) preventing you from using privacy enhancing services such as Orbot or a real VPN server.
AFWall+ works based on the [packet filtering](https://en.wikipedia.org/wiki/Firewall_(computing)#Packet_filter) approach and may be bypassable in some situations.
We do not believe that the security sacrifices made by rooting a phone are worth the questionable privacy benefits of those apps.
## Verified Boot
## 已驗證的啟動
[Verified Boot](https://source.android.com/security/verifiedboot) is an important part of the Android security model. It provides protection against [evil maid](https://en.wikipedia.org/wiki/Evil_maid_attack) attacks, malware persistence, and ensures security updates cannot be downgraded with [rollback protection](https://source.android.com/security/verifiedboot/verified-boot#rollback-protection).
@@ -38,7 +38,7 @@ Unfortunately, OEMs are only obliged to support Verified Boot on their stock And
Many OEMs also have broken implementation of Verified Boot that you have to be aware of beyond their marketing. For example, the Fairphone 3 and 4 are not secure by default, as the [stock bootloader trusts the public AVB signing key](https://forum.fairphone.com/t/bootloader-avb-keys-used-in-roms-for-fairphone-3-4/83448/11). This breaks verified boot on a stock Fairphone device, as the system will boot alternative Android operating systems such (such as /e/) [without any warning](https://source.android.com/security/verifiedboot/boot-flow#locked-devices-with-custom-root-of-trust) about custom operating system usage.
## Firmware Updates
## 韌體更新
Firmware updates are critical for maintaining security and without them your device cannot be secure. OEMs have support agreements with their partners to provide the closed-source components for a limited support period. These are detailed in the monthly [Android Security Bulletins](https://source.android.com/security/bulletin).
@@ -48,11 +48,11 @@ EOL devices which are no longer supported by the SoC manufacturer cannot receive
Fairphone, for example, markets their devices as receiving 6 years of support. However, the SoC (Qualcomm Snapdragon 750G on the Fairphone 4) has a considerably shorter EOL date. This means that firmware security updates from Qualcomm for the Fairphone 4 will end in September 2023, regardless of whether Fairphone continues to release software security updates.
## Android Versions
## Android 版本
It's important to not use an [end-of-life](https://endoflife.date/android) version of Android. Newer versions of Android not only receive security updates for the operating system but also important privacy enhancing updates too. For example, [prior to Android 10](https://developer.android.com/about/versions/10/privacy/changes), any apps with the [`READ_PHONE_STATE`](https://developer.android.com/reference/android/Manifest.permission#READ_PHONE_STATE) permission could access sensitive and unique serial numbers of your phone such as [IMEI](https://en.wikipedia.org/wiki/International_Mobile_Equipment_Identity), [MEID](https://en.wikipedia.org/wiki/Mobile_equipment_identifier), your SIM card's [IMSI](https://en.wikipedia.org/wiki/International_mobile_subscriber_identity), whereas now they must be system apps to do so. System apps are only provided by the OEM or Android distribution.
## Android Permissions
## Android權限
[Permissions on Android](https://developer.android.com/guide/topics/permissions/overview) grant you control over what apps are allowed to access. Google regularly makes [improvements](https://developer.android.com/about/versions/11/privacy/permissions) on the permission system in each successive version. All apps you install are strictly [sandboxed](https://source.android.com/security/app-sandbox), therefore, there is no need to install any antivirus apps.
@@ -93,7 +93,7 @@ An app may request a permission for a specific feature it has. For example, any
Privacy-friendly apps such as [Bitwarden](https://reports.exodus-privacy.eu.org/en/reports/com.x8bit.bitwarden/latest/) may show some trackers such as [Google Firebase Analytics](https://reports.exodus-privacy.eu.org/en/trackers/49/). This library includes [Firebase Cloud Messaging](https://en.wikipedia.org/wiki/Firebase_Cloud_Messaging) which can provide [push notifications](https://en.wikipedia.org/wiki/Push_technology) in apps. This [is the case](https://fosstodon.org/@bitwarden/109636825700482007) with Bitwarden. That doesn't mean that Bitwarden is using all of the analytics features that are provided by Google Firebase Analytics.
## Media Access
## 媒體存取
Quite a few applications allows you to "share" a file with them for media upload. If you want to, for example, tweet a picture to Twitter, do not grant Twitter access to your "media and photos", because it will have access to all of your pictures then. Instead, go to your file manager (documentsUI), hold onto the picture, then share it with Twitter.
@@ -115,11 +115,11 @@ This method is generally less secure than a secondary user profile; however, it
## VPN Killswitch
Android 7 and above supports a VPN killswitch and it is available without the need to install third-party apps. This feature can prevent leaks if the VPN is disconnected. It can be found in :gear: **Settings****Network & internet****VPN** → :gear: → **Block connections without VPN**.
Android 7以上版本支援VPN killswitch ,無需安裝第三方應用程式即可使用。 This feature can prevent leaks if the VPN is disconnected. It can be found in :gear: **Settings****Network & internet****VPN** → :gear: → **Block connections without VPN**.
## Global Toggles
## 全局切換
Modern Android devices have global toggles for disabling Bluetooth and location services. Android 12 introduced toggles for the camera and microphone. When not in use, we recommend disabling these features. Apps cannot use disabled features (even if granted individual permission) until re-enabled.
Modern Android devices have global toggles for disabling Bluetooth and location services. Android 12為相機和麥克風引入了切換功能。 不使用時,建議停用這些功能。 Apps cannot use disabled features (even if granted individual permission) until re-enabled.
## Google
@@ -149,13 +149,13 @@ In the past, Android security updates had to be shipped by the operating system
If you have an EOL device shipped with Android 10 or above and are unable to run any of our recommended operating systems on your device, you are likely going to be better off sticking with your OEM Android installation (as opposed to an operating system not listed here such as LineageOS or /e/ OS). This will allow you to receive **some** security fixes from Google, while not violating the Android security model by using an insecure Android derivative and increasing your attack surface. We would still recommend upgrading to a supported device as soon as possible.
### Advertising ID
### 廣告識別碼
All devices with Google Play Services installed automatically generate an [advertising ID](https://support.google.com/googleplay/android-developer/answer/6048248?hl=en) used for targeted advertising. Disable this feature to limit the data collected about you.
On Android distributions with [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), go to :gear: **Settings****Apps****Sandboxed Google Play****Google Settings****Ads**, and select *Delete advertising ID*.
On Android distributions with privileged Google Play Services (such as stock OSes), the setting may be in one of several locations. Check
On Android distributions with privileged Google Play Services (such as stock OSes), the setting may be in one of several locations. 查看
- :gear: **Settings****Google****Ads**
- :gear: **Settings****Privacy****Ads**

49
i18n/zh-Hant/os/qubes-overview.md
View File

@@ -1,55 +1,58 @@
---
title: "Qubes Overview"
title: "Qubes概述"
icon: simple/qubesos
description: Qubes is an operating system built around isolating apps within virtual machines for heightened security.
description: Qubes 作業系統利用虛擬機器來隔離應用程式以提高安全性。
---
[**Qubes OS**](../desktop.md#qubes-os) is an operating system which uses the [Xen](https://en.wikipedia.org/wiki/Xen) hypervisor to provide strong security for desktop computing through isolated virtual machines. Each VM is called a *Qube* and you can assign each Qube a level of trust based on its purpose. As Qubes OS provides security by using isolation, and only permitting actions on a per case basis, it is the opposite of [badness enumeration](https://www.ranum.com/security/computer_security/editorials/dumb/).
[**Qubes OS**](../desktop.md#qubes-os) 作業系統,利用 [Xen](https://en.wikipedia.org/wiki/Xen) hypervisor 通過隔離虛擬機器為桌面計算提供強大的安全性。 每個虛擬機器被稱為 *Qube* 可以根據其目的為各個Qube 分配信任等級。 由於 Qubes OS 通過使用隔離提供安全性,依每個案例情況作行為授權,因此與 [ badness 枚舉](https://www.ranum.com/security/computer_security/editorials/dumb/)相反。
## How does Qubes OS work?
## Qubes OS如何工作?
Qubes uses [compartmentalization](https://www.qubes-os.org/intro/) to keep the system secure. Qubes are created from templates, the defaults being for Fedora, Debian and [Whonix](../desktop.md#whonix). Qubes OS also allows you to create once-use [disposable](https://www.qubes-os.org/doc/how-to-use-disposables/) virtual machines.
Qubes 使用 [分區化](https://www.qubes-os.org/intro/) 來確保系統安全。 Qubes 從模板創建,預設為 FedoraDebian [Whonix](../desktop.md#whonix) Qubes OS還允許您創建一次性 [一次性](https://www.qubes-os.org/doc/how-to-use-disposables/) 虛擬機器。
![Qubes architecture](../assets/img/qubes/qubes-trust-level-architecture.png)
![Qubes架構](../assets/img/qubes/qubes-trust-level-architecture.png)
<figcaption>Qubes Architecture, Credit: What is Qubes OS Intro</figcaption>
Each Qubes application has a [colored border](https://www.qubes-os.org/screenshots/) that can help you keep track of the virtual machine it is running in. You could, for example, use a specific color for your banking browser, while using a different color for a general untrusted browser.
每個Qubes應用程序都有 [顏色邊框](https://www.qubes-os.org/screenshots/) ,幫助您追蹤它所運行的虛擬機器。 例如,可以為銀行瀏覽器使用特定的顏色,而一般不信任的瀏覽器則使用不同顏色。
![Colored border](../assets/img/qubes/r4.0-xfce-three-domains-at-work.png)
<figcaption>Qubes window borders, Credit: Qubes Screenshots</figcaption>
![顏色邊框](../assets/img/qubes/r4.0-xfce-three-domains-at-work.png)
<figcaption>Qubes 視窗邊框,圖片來源: Qubes Screenshots</figcaption>
## Why Should I use Qubes?
## 我爲什麼要使用Qubes
Qubes OS is useful if your [threat model](../basics/threat-modeling.md) requires strong compartmentalization and security, such as if you think you'll be opening untrusted files from untrusted sources. A typical reason for using Qubes OS is to open documents from unknown sources.
如果您的 [威脅模型](../basics/threat-modeling.md) 需要強大的分區和安全性,例如認為需要從不信任的來源開啟可疑檔案, Qubes OS 非常有用。 使用 Qubes OS 的某種典型原因是打開來自不明來源的文件。
Qubes OS utilizes [Dom0](https://wiki.xenproject.org/wiki/Dom0) Xen VM (i.e., an "AdminVM") for controlling other guest VMs or Qubes on the host OS. Other VMs display individual application windows within Dom0's desktop environment. It allows you to color code windows based on trust levels and run apps that can interact with each other with very granular control.
Qubes OS 利用 [DOM0](https://wiki.xenproject.org/wiki/Dom0) Xen VM 即「AdminVM」來控制主機作業系統上其他訪客的 VM 或 Qubes。 其他VM 在 Dom0 桌面環境中顯示個別的應用程式視窗。 您可以根據信任等級為代碼窗口上色,並透過非常細膩的控制來執行應用程式。
### Copying and Pasting Text
### 復制和黏貼文本
You can [copy and paste text](https://www.qubes-os.org/doc/how-to-copy-and-paste-text/) using `qvm-copy-to-vm` or the below instructions:
可利用 `qvm-copy-to-vm` 或以下說明 [複製並貼上文本](https://www.qubes-os.org/doc/how-to-copy-and-paste-text/)
1. Press **Ctrl+C** to tell the VM you're in that you want to copy something.
2. Press **Ctrl+Shift+C** to tell the VM to make this buffer available to the global clipboard.
3. Press **Ctrl+Shift+V** in the destination VM to make the global clipboard available.
4. Press **Ctrl+V** in the destination VM to paste the contents in the buffer.
### File Exchange
### 檔案交換
To copy and paste files and directories (folders) from one VM to another, you can use the option **Copy to Other AppVM...** or **Move to Other AppVM...**. The difference is that the **Move** option will delete the original file. Either option will protect your clipboard from being leaked to any other Qubes. This is more secure than air-gapped file transfer because an air-gapped computer will still be forced to parse partitions or file systems. That is not required with the inter-qube copy system.
若要將檔案和目錄(資料夾)從一個 VM 複製貼到另一個 VM ,您可以使用選項 **Copy to Other AppVM...** **Move to Other AppVM...**。 不同之處在於 **Move** 選項會刪除原始檔案。 這兩個選項都可以保護您的剪貼簿不會洩漏到任何其他 Qubes。 這比網閘式檔案傳輸更安全,因為網閘電腦仍將被迫解析分割區或檔案系統。 這在inter-qube複製系統中是不需要的。
??? info "AppVMs or qubes do not have their own file systems"
??? info" AppVms沒有自己的檔案系統"
You can [copy and move files](https://www.qubes-os.org/doc/how-to-copy-and-move-files/) between Qubes. When doing so the changes aren't immediately made and can be easily undone in case of an accident.
您可以在Qubes之間[複製和移動檔案] (https://www.qubes-os.org/doc/how-to-copy-and-move-files/)。 當這樣做時,不會立即進行更改,並且在發生事故時可以輕鬆撤消。
### Inter-VM Interactions
### 虛擬機之間交互
The [qrexec framework](https://www.qubes-os.org/doc/qrexec/) is a core part of Qubes which allows virtual machine communication between domains. It is built on top of the Xen library *vchan*, which facilitates [isolation through policies](https://www.qubes-os.org/news/2020/06/22/new-qrexec-policy-system/).
[qrexec 框架](https://www.qubes-os.org/doc/qrexec/) 是 Qubes 的核心構成,讓虛擬機器在域之間溝通。 它基於 Xen 庫 *vchan*之上,通過策略</a>促進
隔離。</p>
## Additional Resources
For additional information we encourage you to consult the extensive Qubes OS documentation pages located on the [Qubes OS Website](https://www.qubes-os.org/doc/). Offline copies can be downloaded from the Qubes OS [documentation repository](https://github.com/QubesOS/qubes-doc).
## 其他資源
如需更多資訊,建議瀏覽[Qubes OS 網站](https://www.qubes-os.org/doc/)上 Qubes OS 文件頁面。 可以從Qubes OS [文件庫](https://github.com/QubesOS/qubes-doc)下載離線副本。
- Open Technology Fund: [*Arguably the world's most secure operating system*](https://www.opentech.fund/news/qubes-os-arguably-the-worlds-most-secure-operating-system-motherboard/)
- J. Rutkowska: [*Software compartmentalization vs. physical separation*](https://invisiblethingslab.com/resources/2014/Software_compartmentalization_vs_physical_separation.pdf)
- J. Rutkowska: [*Partitioning my digital life into security domains*](https://blog.invisiblethings.org/2011/03/13/partitioning-my-digital-life-into.html)
- Qubes OS: [*Related Articles*](https://www.qubes-os.org/news/categories/#articles)
- Qubes OS: [*相關文章*](https://www.qubes-os.org/news/categories/#articles)