@@ -48,7 +48,9 @@ These providers natively support OpenPGP encryption/decryption and the [Web Key
當使用像 OpenPGP 這類 E2EE 技術時,電子郵件仍然會有一些元數據無法加密如主旨列。 了解更多[電子郵件元數據](basics/email-security.md#email-metadata-overview).
-OpenPGP 也不支持前向保密,這意味著如果你或收件人的私鑰被盜,以前所有用它加密的訊息都會洩露。 [[如何保護我的私鑰?](basics/email-security.md#how-do-i-protect-my-private-keys)
+OpenPGP also does not support forward secrecy, which means if the private key of either you or the message recipient is ever stolen, all previous messages encrypted with it will be exposed.
+
+- [How do I protect my private keys?](basics/email-security.md#how-do-i-protect-my-private-keys)
@@ -58,7 +60,9 @@ OpenPGP 也不支持前向保密,這意味著如果你或收件人的私鑰被
{ align=right }
-**Proton Mail** 是一個專注於隱私、加密、安全性和易用性的電子郵件服務。 他們自 2013 年起開始營運。 Proton AG is based in Geneva, Switzerland. The Proton Mail Free plan comes with 500 MB of Mail storage, which you can increase up to 1 GB for free.
+**Proton Mail** 是一個專注於隱私、加密、安全性和易用性的電子郵件服務。 他們自 2013 年起開始營運。 Proton AG is based in Geneva, Switzerland.
+
+The Proton Free plan comes with 500 MB of Mail storage, which you can increase up to 1 GB for free.
[:octicons-home-16: 首頁](https://proton.me/mail){ .md-button .md-button--primary }
[:simple-torbrowser:](https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion){ .card-link title="洋蔥服務" }
@@ -81,9 +85,9 @@ OpenPGP 也不支持前向保密,這意味著如果你或收件人的私鑰被
-免費帳戶有一些功能限制,例如無法搜尋郵件正文內容,也無法無法使用 [Proton Mail Bridge](https://proton.me/mail/bridge);後者是使用[建議的桌面郵件客戶端](email-clients.md) (例如 Thunderbird) 所需的。 付費帳戶包括 Proton Mail Bridge、額外儲存空間和自訂網域支援等功能。 Proton Mail 應用程式於 2021 年 11 月 9 日由 [Securitum](https://research.securitum.com) 提供[認證函](https://proton.me/blog/security-audit-all-proton-apps) 。
+Free accounts have some limitations, such as not being able to search body text and not having access to [Proton Mail Bridge](https://proton.me/mail/bridge), which is required to use a [recommended desktop email client](email-clients.md) (e.g., Thunderbird). 付費帳戶包括 Proton Mail Bridge、額外儲存空間和自訂網域支援等功能。 如果您有訂閱 Proton Unlimited 或任何多使用者的 Proton 方案,您也可以免費獲得 [SimpleLogin](email-aliasing.md#simplelogin) Premium。
-如果您有訂閱 Proton Unlimited 或任何多使用者的 Proton 方案,您也可以免費獲得 [SimpleLogin](email-aliasing.md#simplelogin) Premium。
+Proton Mail 應用程式於 2021 年 11 月 9 日由 [Securitum](https://research.securitum.com) 提供[認證函](https://proton.me/blog/security-audit-all-proton-apps) 。
Proton Mail 的內容崩潰報告**不會**對其它第三方分享。 可以在 web app 下取消,作法: :gear: → **所有設定** → **帳號** → **安全與隱私** → **隱私與資料蒐集**.
@@ -93,7 +97,7 @@ Proton Mail 的內容崩潰報告**不會**對其它第三方分享。 可以在
#### :material-check:{ .pg-green } 私密付款方式
-Proton Mail 除了[支援](https://proton.me/support/payment-options)郵寄現金外,還接受信用卡/簽帳卡、[Bitcoin](advanced/payments.md#other-coins-bitcoin-ethereum-etc) 和 PayPal 付款。
+Proton Mail [accepts](https://proton.me/support/payment-options) **cash** by mail in addition to standard credit/debit card, [Bitcoin](advanced/payments.md#other-coins-bitcoin-ethereum-etc), and PayPal payments.
#### :material-check:{ .pg-green } 帳號安全
@@ -109,7 +113,7 @@ Proton Mail 使用「[零存取加密技術](https://proton.me/blog/zero-access-
Proton Mail 網頁郵件整合了 [OpenPGP 加密](https://proton.me/support/how-to-use-pgp) 。 發送到其他 Proton Mail 帳號的電子郵件會自動加密,並且可以在您的帳號設定中輕鬆啟用「使用 OpenPGP 金鑰對非 Proton Mail 位址進行加密」。 Proton also supports automatic external key discovery with WKD. 因此發送到使用 WKD 的其他供應商的電子郵件也將使用 OpenPGP 自動加密,無需與聯絡人手動交換公共 PGP 金鑰。 它可以 [加密非 Proton Mail 郵件位址的訊息](https://proton.me/support/password-protected-emails),不必非得使用帶 OpenPGP 的 Proton Mail 帳戶。
-Proton Mail 也透過 HTTP 從其 WKD 發布 Proton 帳戶的公鑰。 這可讓非 Proton Mail 使用者可以輕鬆找到 Proton Mail 帳戶的 OpenPGP 金鑰,以利跨供應商進行 E2EE 。 這僅限於使用 Proton 自身網域別名 (例如 @proton.me) 的電子郵件。 如果使用自定域名,則須另行[設定 WKD](./basics/email-security.md#what-is-the-web-key-directory-standard) 。
+Proton Mail 也透過 HTTP 從其 WKD 發布 Proton 帳戶的公鑰。 This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily for cross-provider E2EE. This only applies to email addresses ending in one of Proton's own domains, like `@proton.me`. If you use a custom domain, you must [configure WKD](basics/email-security.md#what-is-the-web-key-directory-standard) separately.
#### :material-information-outline:{ .pg-blue } 終止帳號
@@ -117,17 +121,17 @@ Proton Mail 也透過 HTTP 從其 WKD 發布 Proton 帳戶的公鑰。 這可讓
#### :material-information-outline:{ .pg-blue } 額外功能
-Proton Mail's [Unlimited](https://proton.me/support/proton-plans#proton-unlimited) plan also enables access to other Proton services in addition to providing multiple custom domains, unlimited hide-my-email aliases, and 500 GB of storage.
-
-Proton Mail 不提供數字遺產功能。
+Proton Mail's [Unlimited](https://proton.me/support/proton-plans#proton-unlimited) plan also enables access to other Proton services in addition to providing multiple custom domains, unlimited hide-my-email aliases, and 500 GB of storage.
### Mailbox.org
-{ align=right }
+{ align=right }
-**Mailbox.org** 電子郵件服務,專注於安全、無廣告和使用 100% 民間環保發電能源。 自 **2014 年** 開始運營。 Mailbox.org 總部位於德國柏林。 Accounts start with up to 2 GB storage, which can be upgraded as needed.
+**Mailbox.org** is an email service with a focus on being secure, ad-free, and powered by 100% eco-friendly energy. 自 **2014 年** 開始運營。 Mailbox.org 總部位於德國柏林。
+
+Accounts start with up to 2 GB storage, which can be upgraded as needed.
[:octicons-home-16: 首頁](https://mailbox.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mailbox.org/en/data-protection-privacy-policy){ .card-link title="隱私權政策" }
@@ -148,23 +152,23 @@ Mailbox.org 可使用自定域名,且支援 [catch-all](https://kb.mailbox.org
#### :material-check:{ .pg-green } 私人付款方式
-Mailbox.org 不接受任何加密貨幣,因為他們的支付處理商 BitPay 暫停了德國業務。 However, they do accept cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and a couple of German-specific processors: paydirekt and Sofortüberweisung.
+Mailbox.org 不接受任何加密貨幣,因為他們的支付處理商 BitPay 暫停了德國業務。 However, they do accept **cash** by mail, **cash** payment to bank account, bank transfer, credit card, PayPal, and a couple of German-specific processors: Paydirekt and Sofortüberweisung.
#### :material-check:{ .pg-green } 帳號安全
-Mailbox.org supports [two-factor authentication](https://kb.mailbox.org/en/private/account-article/how-to-use-two-factor-authentication-2fa) for their webmail only. 您可以使用 TOTP 或通過 [YubiKey](https://en.wikipedia.org/wiki/YubiKey) 來使用 [YubiCloud](https://yubico.com/products/services-software/yubicloud) 進行雙重認證. Web 標準如 [WebAuthn ](https://en.wikipedia.org/wiki/WebAuthn) 尚不支援。
+Mailbox.org supports [two-factor authentication](https://kb.mailbox.org/en/private/account-article/how-to-use-two-factor-authentication-2fa) for their webmail only. 您可以使用 TOTP 或通過 [YubiKey](https://en.wikipedia.org/wiki/YubiKey) 來使用 [YubiCloud](https://yubico.com/products/services-software/yubicloud) 進行雙重認證. Web standards such as [WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online) are not yet supported.
#### :material-information-outline:{ .pg-blue } 資料安全
Mailbox.org 允許使用 [加密郵箱](https://kb.mailbox.org/en/private/e-mail-article/your-encrypted-mailbox)對傳入郵件進行加密。 收到的新訊息將立即用您的公鑰加密。
-不迥 Mailbox.org 使用的軟體平台 [Open-Exchange](https://en.wikipedia.org/wiki/Open-Xchange)[不支援](https:// kb.mailbox.org/en/private/security-privacy-article/encryption-of-calendar-and-address-book)通訊錄和行事曆加密。 [獨立的選項](calendar.md) 可能更適合該資訊。
+However, [Open-Xchange](https://en.wikipedia.org/wiki/Open-Xchange), the software platform used by Mailbox.org, [does not support](https://kb.mailbox.org/en/private/security-privacy-article/encryption-of-calendar-and-address-book) the encryption of your address book and calendar. A [standalone option](calendar.md) may be more appropriate for that data.
#### :material-check:{ .pg-green } 電子郵件加密
Mailbox.org 在他們的網頁郵件中 [整合了加密功能](https://kb.mailbox.org/en/private/e-mail-article/send-encrypted-e-mails-with-guard) ,這簡化了向具有公開OpenPGP金鑰的人發送訊息。 它們也讓遠端收件者可以在 Mailbox.org 的伺服器上[解密電子郵件](https://kb.mailbox.org/en/private/e-mail-article/my-recipient-does-not-use-pgp)。 當遠端收件人沒有 OpenPGP 無法解密自己郵箱中的電子郵件時,此功能非常有用。
-Mailbox.org also supports the discovery of public keys via HTTP from their WKD. 因此其它人可以輕鬆找到 Mailbox.org 帳戶的 OpenPGP 金鑰,便於跨提供者使用 E2EE。 這僅限於使用 Mailbox.org 自身網域(例如 @mailbox.org) 的電子郵件。 如果使用自定域名,則須另行[設定 WKD](./basics/email-security.md#what-is-the-web-key-directory-standard) 。
+Mailbox.org also supports the discovery of public keys via HTTP from their WKD. This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily for cross-provider E2EE. This only applies to email addresses ending in one of Mailbox.org's own domains, like `@mailbox.org`. If you use a custom domain, you must [configure WKD](basics/email-security.md#what-is-the-web-key-directory-standard) separately.
#### :material-information-outline:{ .pg-blue } 終止帳號
@@ -176,7 +180,7 @@ Mailbox.org also supports the discovery of public keys via HTTP from their WKD.
所有帳號都附帶有限的[可以加密](https://kb.mailbox.org/en/private/drive-article/encrypt-files-on-your-drive)雲端儲存空間 。 Mailbox.org 還提供別名 [@ secure.mailbox.org](https://kb.mailbox.org/en/private/e-mail-article/ensuring-e-mails-are-sent-securely),它對郵件伺服器之間的連線強制進行TLS加密,否則根本不會發送訊息。 Mailbox.org 除了支援 IMAP 和 POP3 等標準存取通訊協議外,還支援 [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) 。
-Mailbox.org 所有方案都提供了數位遺產功能。 你可以選擇是否要將任何資料傳遞給繼承人,但對方必須提出你的遺囑證明。 或者,您可以透過姓名和位址提出人選。
+Mailbox.org 所有方案都提供了數位遺產功能。 You can choose whether you want any of your data to be passed to heirs, providing that they apply and provide your testament. 或者,您可以透過姓名和位址提出人選。
## 更多供應商
@@ -195,7 +199,9 @@ Mailbox.org 所有方案都提供了數位遺產功能。 你可以選擇是否
{ align=right }
{ align=right }
-**Tuta** (前身為 *Tutanota*) 是一項透過使用加密技術,著重於安全性與隱私權的電子郵件服務。 Tuta 自 2011 年開始營運,總部位於德國漢諾威。 Free accounts start with 1 GB of storage.
+**Tuta** (前身為 *Tutanota*) 是一項透過使用加密技術,著重於安全性與隱私權的電子郵件服務。 Tuta 自 2011 年開始營運,總部位於德國漢諾威。
+
+Free accounts start with 1 GB of storage.
[:octicons-home-16: 首頁](https://tuta.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://tuta.com/privacy){ .card-link title="隱私權政策" }
@@ -226,7 +232,7 @@ Tuta 不支援 [ IMAP 協議](https://tuta.com/support#imap) 或使用第三方
#### :material-information-outline:{ .pg-blue } 私密付款方式
-Tuta only directly accepts credit cards and PayPal, however [cryptocurrency](cryptocurrency.md) can be used to purchase gift cards via their [partnership](https://tuta.com/support/#cryptocurrency) with ProxyStore.
+Tuta only directly accepts credit cards and PayPal, however [**cryptocurrency**](cryptocurrency.md) can be used to purchase gift cards via their [partnership](https://tuta.com/support/#cryptocurrency) with ProxyStore.
#### :material-check:{ .pg-green } 帳號安全
@@ -234,7 +240,7 @@ Tuta supports [two-factor authentication](https://tuta.com/support#2fa) with eit
#### :material-check:{ .pg-green } 資料安全
-Tuta 為郵件、 [通訊錄位址聯絡人](https://tuta.com/support#encrypted-address-book)以及[行事曆](https://tuta.com/support#calendar)提供[零存取加密](https://tuta.com/support#what-encrypted) 。 這意味著儲存在您帳戶中的訊息和其他資料只有您能讀取。
+Tuta has [zero-access encryption at rest](https://tuta.com/support#what-encrypted) for your emails, [address book contacts](https://tuta.com/support#encrypted-address-book), and [calendars](https://tuta.com/support#calendar). 這意味著儲存在您帳戶中的訊息和其他資料只有您能讀取。
#### :material-information-outline:{ .pg-blue } 電子郵件加密
@@ -248,8 +254,6 @@ Tuta [刪除六個月未登入使用的免費帳戶](https://tuta.com/support#in
Tuta 向非營利組織提供免費 [商業版本](https://tuta.com/blog/secure-email-for-non-profit) 或大幅折扣。
-Tuta 不提供數位遺產功能。
-
## 自主託管電子郵件
進階系統管理員可以考慮設定自己的電子郵件伺服器。 郵件伺服器需要注意和持續維護,以確保安全性和郵件傳遞的可靠性。 In addition to the "all-in-one" solutions below, we've picked out a few articles that cover a more manual approach:
@@ -315,52 +319,53 @@ Stalwart does **not** have an integrated webmail, so you will need to use it wit
**最低合格要求:**
-- 使用零存取加密技術全程加密電子郵件帳戶資料。
-- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- 在自有基礎設施上運作,即不建立在第三方電子郵件服務提供商之上。
-
-**最佳案例:**
-
-- 使用零存取加密帳戶全部資料(聯絡人、行事曆等)。
-- 網頁郵件整合 E2EE/PGP加密以更方便使用。
-- Support for WKD to allow improved discovery of public OpenPGP keys via HTTP. GnuPG 使用者可以透過輸入: `gpg --locate-key example_user@example.com` 取得金鑰。
-- 支援外部使用者的臨時信箱。 當您想要發送加密的電子郵件時,這非常有用,而無需將實際副本發送給您的收件人。 這些電子郵件通常具有限定時效,之後會被自動刪除。 它們也不需要收件人配置任何像OpenPGP這樣的加密技術。
-- 可提供 [onion 服務](https://en.wikipedia.org/wiki/.onion)的電子郵件服務供應商。
-- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
-- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). 自定網域名稱對用戶來說很重要,因為它允許用戶在使用服務時仍維持持自我代理,以防服務變差或被另一家不優先考慮隱私的公司收購。
-- Catch-all or alias functionality for those who use their own domains.
-- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
-
-### 隱私
-
-我們希望所推薦的提供商盡可能少地收集客戶資料。
-
-**最低合格要求:**
-
-- 保護寄件者的 IP 位址,包括過濾它,使其不顯示在`接收`標頭欄位中。
-- 除了使用者名稱和密碼外,不要求提供個人身份識別資訊(PII)。
-- 隱私政策符合 GDPR 之要求。
+- Must encrypt email account data at rest with zero-access encryption.
+- Must be capable of exporting emails as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
+- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). 自定網域名稱對用戶來說很重要,因為它允許用戶在使用服務時仍維持持自我代理,以防服務變差或被另一家不優先考慮隱私的公司收購。
+- Must operate on owned infrastructure, i.e. not built upon third-party email service providers.
**最佳情況:**
-- 接受 [匿名付款選項](advanced/payments.md) ([加密貨幣](cryptocurrency.md),現金,禮品卡等)
-- 託管在有強力法律保障隱私的司法管轄區。
+- Should encrypt all account data (contacts, calendars, etc.) at rest with zero-access encryption.
+- Should provide integrated webmail E2EE/PGP encryption as a convenience.
+- Should support WKD to allow improved discovery of public OpenPGP keys via HTTP. GnuPG users can get a key with this command: `gpg --locate-key example_user@example.com`.
+- 支援外部使用者的臨時信箱。 This is useful when you want to send an encrypted email without sending an actual copy to your recipient. 這些電子郵件通常具有限定時效,之後會被自動刪除。 它們也不需要收件人配置任何像OpenPGP這樣的加密技術。
+- Should support [sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing).
+- Should allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). 自定網域名稱對用戶來說很重要,因為它允許用戶在使用服務時仍維持持自我代理,以防服務變差或被另一家不優先考慮隱私的公司收購。
+- Catch-all or alias functionality for those who use their own domains.
+- Should use standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
+- Email provider's services should be available via an [onion service](https://en.wikipedia.org/wiki/.onion).
-### 安全
+### 隱私
-電子郵件伺服器處理大量非常敏感的資料。 我們期望供應商會採用最佳的業界實務,以保護其客戶。
+我們希望所推薦的供應商收集越少資料越好。
**最低合格要求:**
-- 使用雙重驗證 (例如 TOTP) 保護 Webmail。
-- 零存取加密,建立在靜態加密的基礎上。 提供者沒有其所持有資料的解密金鑰。 這可防止惡意員工洩露他們存取的資料,或遠端敵人透過未經授權存取伺服器來釋放他們竊取的資料。
+- Must protect sender's IP address, which can involve filtering it from showing in the `Received` header field.
+- Must not require personally identifiable information (PII) besides a username and a password.
+- Privacy policy must meet the requirements defined by the GDPR.
+
+**最佳情況:**
+
+- Should accept [anonymous payment options](advanced/payments.md) ([cryptocurrency](cryptocurrency.md), cash, gift cards, etc.)
+- Should be hosted in a jurisdiction with strong email privacy protection laws.
+
+### 安全
+
+Email servers deal with a lot of very sensitive data. We expect that providers will adopt industry best practices in order to protect their customers.
+
+**最低合格要求:**
+
+- Protection of webmail with 2FA, such as [TOTP](basics/multi-factor-authentication.md#time-based-one-time-password-totp).
+- Zero-access encryption, which builds on encryption at rest. 提供者沒有其所持有資料的解密金鑰。 這可防止惡意員工洩露他們存取的資料,或遠端敵人透過未經授權存取伺服器來釋放他們竊取的資料。
- [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) 支援。
- 使用 [Hardenize](https://hardenize.com), [testssl.sh](https://testssl.sh) 或 [Qualys SSL Labs](https://ssllabs.com/ssltest) 等工具沒發現 TLS 錯誤或漏洞; 這包括與憑證相關的錯誤和弱 DH 參數,例如 [Logjam](https://en.wikipedia.org/wiki/Logjam_(computer_security)) 錯誤。
-- 伺服器套件偏好設定 (TLSv1.3 為選用),適用於支援前向保密和認證加密的強密碼套件。
+- A server suite preference (optional on TLS 1.3) for strong cipher suites which support forward secrecy and authenticated encryption.
- 有效的 [MTA-STS](https://tools.ietf.org/html/rfc8461) 和[TLS-RPT](https://tools.ietf.org/html/rfc8460) 政策。
- 有效 [ DANE ](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities) 紀錄。
- 有效的 [SPF ](https://en.wikipedia.org/wiki/Sender_Policy_Framework) 和 [ DKIM ](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail) 記錄。
-- 擁有適當的 [DMARC ](https://en.wikipedia.org/wiki/DMARC) 記錄和原則,或使用 [ ARC ](https://en.wikipedia.org/wiki/Authenticated_Received_Chain) 進行驗證。 如果正在使用 DMARC 驗證,則必須將原則設定為 `拒絕` 或 `隔離`。
+- Must have a proper [DMARC](https://en.wikipedia.org/wiki/DMARC) record and policy or use [ARC](https://en.wikipedia.org/wiki/Authenticated_Received_Chain) for authentication. 如果正在使用 DMARC 驗證,則必須將原則設定為 `拒絕` 或 `隔離`。
- 伺服器套件最好為 TLS 1.2或更高版本以及 [ RFC8996](https://datatracker.ietf.org/doc/rfc8996)計劃。
- 假設使用SMTP,[SMTPS](https://en.wikipedia.org/wiki/SMTPS) 提交。
- 網站安全標準,例如:
@@ -368,12 +373,12 @@ Stalwart does **not** have an integrated webmail, so you will need to use it wit
- 如果從外部網域加載東西時,[子資源完整性](https://en.wikipedia.org/wiki/Subresource_Integrity) 。
- 必須支援檢視[郵件標頭](https://en.wikipedia.org/wiki/Email#Message_header),因為這是判斷電子郵件是否為釣魚嘗試的重要取證功能。
-**最佳案例:**
+**最佳情況:**
-- 支援硬體驗證,即 U2F 和 [WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online)。
+- Should support hardware authentication, i.e. U2F 和 [WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online)。
- [DNS 憑證授權機構授權 (CAA) 資源記錄](https://tools.ietf.org/html/rfc6844) 除了 DANE 支援外。
-- [Authenticated Received Chain (ARC)](https://en.wikipedia.org/wiki/Authenticated_Received_Chain) 的實作,這對於在郵件列表 [RFC8617](https://tools.ietf.org/html/rfc8617) 發佈文章的人很有用。
-- 由信譽良好的第三方公司公布的安全審計。
+- Should implement [Authenticated Received Chain (ARC)](https://en.wikipedia.org/wiki/Authenticated_Received_Chain), which is useful for people who post to mailing lists [RFC8617](https://tools.ietf.org/html/rfc8617).
+- Published security audits from a reputable, third-party firm.
- 漏洞獎勵計劃和/或協調漏洞披露過程。
- 網站安全標準,例如:
- [內容安全策略(CSP)](https://en.wikipedia.org/wiki/Content_Security_Policy)
@@ -381,36 +386,33 @@ Stalwart does **not** have an integrated webmail, so you will need to use it wit
### 信任
-您不會把財務資料給身份作假的人,那麼為什麼會信任讓他們來使用您的電子郵件? 我們要求我們推薦的供應商公開其所有權或領導層級狀況。 我們也希望看到頻繁的透明度報告,特別是關於如何處理政府要求的報告。
+You wouldn't trust your finances to someone with a fake identity, so why trust them with your email? 我們要求推薦的供應商公開其所有權或領導層級狀況。 我們也希望能夠看到經常性的透明度報告,尤其是如何處理政府要求的部份。
**最低合格要求:**
- 面向公眾的領導或所有權。
-**最佳案例:**
+**最佳情況:**
- 頻繁的透明度報告。
### 行銷
-對於我們推薦的電子郵件供應商,我們希望看到負責任的行銷。
+With the email providers we recommend, we like to see responsible marketing.
**最低合格要求:**
- Must self-host analytics (no Google Analytics, Adobe Analytics, etc.).
-
-不得有任何不負責任的行銷行為,可能包括下列內容:
-
-- 聲稱「無法破解的加密」。 使用加密時應考慮到,當未來有破解技術時,加密可能就不是秘密了。
-- 保證 100% 匿名性保護。 當有人宣稱某件事是 100% 時,這表示沒有失敗的把握。 我們知道人們可以透過許多方式輕易地解除匿名,例如:
-
- - 重複使用他們在沒有使用匿名軟體 (Tor、VPN 等) 的情況下存取的個人資訊,例如 (電子郵件帳號、獨特假名等)
- - [瀏覽器指紋](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint)
+- Must not have any irresponsible marketing, which can include the following:
+ - Claims of "unbreakable encryption." Encryption should be used with the intention that it may not be secret in the future when the technology exists to crack it.
+ - Guarantees of protecting anonymity 100%. When someone makes a claim that something is 100%, it means there is no certainty for failure. We know people can quite easily de-anonymize themselves in a number of ways, e.g.:
+ - Reusing personal information e.g. (email accounts, unique pseudonyms, etc.) that they accessed without anonymity software such as Tor
+ - [瀏覽器指紋](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint)
**最佳情況:**
-- 針對設定雙重驗證、電子郵件用戶端、OpenPGP 等任務,提供簡單好懂的說明文件。
+- Clear and easy-to-read documentation for tasks like setting up 2FA, email clients, OpenPGP, etc.
### 附加功能
-雖然不是嚴格要求,但我們在決定推薦哪些提供商時還會考慮其他一些便利或隱私因素。
+While not strictly requirements, there are some other convenience or privacy factors we looked into when determining which providers to recommend.
diff --git a/i18n/zh-Hant/os/android-overview.md b/i18n/zh-Hant/os/android-overview.md
index 9e730e86..5d9dcd93 100644
--- a/i18n/zh-Hant/os/android-overview.md
+++ b/i18n/zh-Hant/os/android-overview.md
@@ -132,7 +132,7 @@ Android 7 及以上版本支援 VPN kill switch,無需安裝第三方應用程
進階防護計劃提供強化的威脅監控,並能夠:
-- 更嚴格的雙重認證;例如,**必須**使用 [FIDO](../basics/multi-factor-authentication.md#fido-fast-identity-online),且不允許使用 [SMS OTP](../basics/multi-factor-authentication.md#sms-or-email-mfa)、[TOTP](../basics/multi-factor-authentication.md#time-based-one-time-password-totp) 和 [OAuth](https://en.wikipedia.org/wiki/OAuth)。
+- Stricter two-factor authentication; e.g. that [FIDO](../basics/multi-factor-authentication.md#fido-fast-identity-online) **must** be used and disallows the use of [SMS OTPs](../basics/multi-factor-authentication.md#sms-or-email-mfa), [TOTP](../basics/multi-factor-authentication.md#time-based-one-time-password-totp) and [OAuth](../basics/account-creation.md#sign-in-with-oauth)
- 只有 Google 和經過驗證的第三方應用程式才能存取帳戶資料
- 掃描 Gmail 帳戶收到的電子郵件,以防[釣魚嘗試](https://en.wikipedia.org/wiki/Phishing#Email_phishing)
- 使用 Google Chrome 進行更嚴格的[安全瀏覽器掃描](https://google.com/chrome/privacy/whitepaper.html#malware)
@@ -154,7 +154,9 @@ Android 7 及以上版本支援 VPN kill switch,無需安裝第三方應用程
所有安裝 Google Play 服務的裝置都會自動產生 [廣告ID](https://support.google.com/googleplay/android-developer/answer/6048248) ,用於定向廣告。 禁用此功能以限制其收集您的資料。
-在具有 [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play)的Android 版上,前往 :gear: **設定** → **應用程式** → **Sandboxed Google Play** → **Google 設定** → **廣告**,然後選擇 *刪除廣告ID*。
+On Android distributions with [sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), go to :gear: **Settings** → **Apps** → **Sandboxed Google Play** → **Google Settings** → **All services** → **Ads**.
+
+- [x] Select **Delete advertising ID**
On Android distributions with privileged Google Play Services (which includes the stock installation on most devices), the setting may be in one of several locations. 查看
diff --git a/i18n/zh/basics/account-creation.md b/i18n/zh/basics/account-creation.md
index 9b75b732..b585924e 100644
--- a/i18n/zh/basics/account-creation.md
+++ b/i18n/zh/basics/account-creation.md
@@ -42,7 +42,7 @@ The Privacy Policy is how the service says they will use your data, and it is wo
#### 邮箱别名
-如果你不想把你的真实电子邮件地址提供给一个服务,你可以选择使用一个别名。 我们在我们的电子邮件服务推荐页面上对它们进行了更详细的描述。 本质上,别名服务允许你生成新的电子邮件地址,将所有电子邮件转发到你的主地址。 This can help prevent tracking across services and help you manage the marketing emails that sometimes come with the sign-up process. 这些可以根据它们被发送到的别名自动过滤。
+如果你不想把你的真实电子邮件地址提供给一个服务,你可以选择使用一个别名。 We describe them in more detail on our email services recommendation page. 本质上,别名服务允许你生成新的电子邮件地址,将所有电子邮件转发到你的主地址。 This can help prevent tracking across services and help you manage the marketing emails that sometimes come with the sign-up process. 这些可以根据它们被发送到的别名自动过滤。
如果一项服务被黑客攻击,你可能会开始收到钓鱼或垃圾邮件到你用来注册的地址。 为每项服务使用独特的别名,可以帮助准确识别什么服务被黑。
@@ -50,19 +50,19 @@ The Privacy Policy is how the service says they will use your data, and it is wo
### “通过……登录” (OAuth)
-OAuth是一种认证协议,它允许你在不与服务提供商共享太多信息的情况下(如果有的话),通过使用你在另一项服务中已有的账户来注册新服务。 每当你在注册表单上看到类似“通过*提供商名称*登录”的内容时,通常就是在使用OAuth。
+[Open Authorization (OAuth)](https://en.wikipedia.org/wiki/OAuth) is an authentication protocol that allows you to register for a service without sharing much information with the service provider, if any, by using an existing account you have with another service instead. 每当你在注册表单上看到类似“通过*提供商名称*登录”的内容时,通常就是在使用OAuth。
当你通过OAuth登录时,它会打开一个登录页面,你选择的提供商和你现有的账户以及新账户将会被连接起来。 你的密码不会共享,但一些基本信息通常会共享(你可以在登录请求期间审查它) 每次你想登录同一个账户时,都需要这个过程。
主要的优点是:
-- **安全性**:当涉及到存储登录凭证时,你不必信任你正在登录的服务的安全实践,因为这些凭证是存储在外部OAuth提供商那里的。对于像苹果和谷歌这样的服务来说,它们通常遵循最佳的安全实践,持续审计其认证系统,并且不会不适当地存储凭证(例如以明文形式)。
-- **易用性**:多个账户由一个登录账号管理。
+- **Security**: You don't have to trust the security practices of the service you're logging into when it comes to storing your login credentials because they are stored with the external OAuth provider. Common OAuth providers like Apple and Google typically follow the best security practices, continuously audit their authentication systems, and don't store credentials inappropriately (such as in plain text).
+- **Ease-of-use**: Multiple accounts are managed by a single login.
但也有弊端:
-- **隐私**:你使用的OAuth提供商将知道你使用的服务。
-- **集中化**:如果你用于OAuth的账户被泄露,或者你无法登录该账户,所有与之连接的其他账户都会受到影响。
+- **Privacy**: The OAuth provider you log in with will know the services you use.
+- **Centralization**: If the account you use for OAuth is compromised, or you aren't able to log in to it, all other accounts connected to it are affected.
OAuth在需要服务之间更深入整合的情况下特别有用。 我们的建议是仅在需要时使用OAuth,并始终使用多因素认证 [MFA](multi-factor-authentication.md) 保护主账户。
diff --git a/i18n/zh/basics/email-security.md b/i18n/zh/basics/email-security.md
index f9ee0552..5e572fa7 100644
--- a/i18n/zh/basics/email-security.md
+++ b/i18n/zh/basics/email-security.md
@@ -5,17 +5,17 @@ icon: material/email
description: Email is insecure in many ways, and these are some of the reasons it isn't our top choice for secure communications.
---
-电子邮件在默认情况下是一种不安全的通信形式。 You can improve your email security with tools such as OpenPGP, which add End-to-End Encryption to your messages, but OpenPGP still has a number of drawbacks compared to encryption in other messaging applications.
+电子邮件在默认情况下是一种不安全的通信形式。 You can improve your email security with tools such as OpenPGP, which add end-to-end encryption to your messages, but OpenPGP still has a number of drawbacks compared to encryption in other messaging applications.
因此,电子邮件最好用于接收来自你在线注册的服务的交易性邮件(如通知、验证邮件、密码重置等),而不是用于与他人交流。
## 电子邮件加密概述
-在不同的电邮供应商之间为电子邮件添加端到端加密的标准方法是使用OpenPGP。 OpenPGP标准有不同的实现方式,最常见的是 [GnuPG](https://en.wikipedia.org/wiki/GNU_Privacy_Guard) 和 [OpenPGP.js](https://openpgpjs.org)。
+在不同的电邮供应商之间为电子邮件添加端到端加密的标准方法是使用OpenPGP。 There are different implementations of the OpenPGP standard, the most common being [GnuPG](../encryption.md#gnu-privacy-guard) and [OpenPGP.js](https://openpgpjs.org).
-即使你使用OpenPGP,它也不支持 [前向加密](https://en.wikipedia.org/wiki/Forward_secrecy),这意味着如果你或收件人的私钥被盗,所有在之前使用它加密的信息都将被暴露。 这就是为什么我们推荐 [即时通讯工具](../real-time-communication.md) ,比起电子邮件,它尽可能更好地在人与人之间的通信中实现前向保密性。
+Even if you use OpenPGP, it does not support [forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy), which means if the private key of either you or the message recipient is ever stolen, all previous messages encrypted with it will be exposed. 这就是为什么我们推荐 [即时通讯工具](../real-time-communication.md) ,比起电子邮件,它尽可能更好地在人与人之间的通信中实现前向保密性。
-There is another standard which is popular with business called [S/MIME](https://en.wikipedia.org/wiki/S/MIME), however, it requires a certificate issued from a [Certificate Authority](https://en.wikipedia.org/wiki/Certificate_authority) (not all of them issue S/MIME certificates, and often a yearly payment is required). In some cases it is more usable than PGP because it has support in popular/mainstream email applications like Apple Mail, [Google Workplace](https://support.google.com/a/topic/9061730), and [Outlook](https://support.office.com/article/encrypt-messages-by-using-s-mime-in-outlook-on-the-web-878c79fc-7088-4b39-966f-14512658f480). However, S/MIME does not solve the issue of lack of forward secrecy, and isn't particularly more secure than PGP.
+There is another standard which is popular with business called [S/MIME](https://en.wikipedia.org/wiki/S/MIME), however it requires a certificate issued from a [Certificate Authority](https://en.wikipedia.org/wiki/Certificate_authority) (not all of them issue S/MIME certificates, and often a yearly payment is required). In some cases it is more usable than PGP because it has support in popular/mainstream email applications like Apple Mail, [Google Workplace](https://support.google.com/a/topic/9061730), and [Outlook](https://support.office.com/article/encrypt-messages-by-using-s-mime-in-outlook-on-the-web-878c79fc-7088-4b39-966f-14512658f480). However, S/MIME does not solve the issue of lack of forward secrecy, and isn't particularly more secure than PGP.
## 什么是网络密钥目录标准?
@@ -23,13 +23,13 @@ The [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD) standard allows email
除了我们推荐的 [电子邮件客户端(](../email-clients.md) )支持 WKD 外,一些网络邮件提供商也支持 WKD。 *您自己的* 密钥是否发布到 WKD 供他人使用,取决于您的域配置。 如果您使用支持 WKD 的 [电子邮件提供商](../email.md#openpgp-compatible-services) (如 Proton Mail 或 Mailbox.org),他们可以为您在其域上发布 OpenPGP 密钥。
-如果使用自己的自定义域,则需要单独配置 WKD。 如果您能控制自己的域名,那么无论您的电子邮件提供商是谁,您都可以设置 WKD。 One easy way to do this is to use the "[WKD as a Service](https://keys.openpgp.org/about/usage#wkd-as-a-service)" feature from keys.openpgp.org, by setting a CNAME record on the `openpgpkey` subdomain of your domain pointed to `wkd.keys.openpgp.org`, then uploading your key to [keys.openpgp.org](https://keys.openpgp.org). 或者,您也可以 [自行将 WKD 托管在自己的网络服务器上](https://wiki.gnupg.org/WKDHosting)。
+如果使用自己的自定义域,则需要单独配置 WKD。 如果您能控制自己的域名,那么无论您的电子邮件提供商是谁,您都可以设置 WKD。 One easy way to do this is to use the "[WKD as a Service](https://keys.openpgp.org/about/usage#wkd-as-a-service)" feature from the `keys.openpgp.org` server: Set a CNAME record on the `openpgpkey` subdomain of your domain pointed to `wkd.keys.openpgp.org`, then upload your key to [keys.openpgp.org](https://keys.openpgp.org). 或者,您也可以 [自行将 WKD 托管在自己的网络服务器上](https://wiki.gnupg.org/WKDHosting)。
-如果您使用不支持 WKD 的提供商提供的共享域名(如 @gmail.com),则无法通过此方法与他人共享 OpenPGP 密钥。
+If you use a shared domain from a provider which doesn't support WKD, like `@gmail.com`, you won't be able to share your OpenPGP key with others via this method.
### 哪些电子邮件客户端支持端到端加密?
-允许你使用IMAP和SMTP等标准访问协议的电子邮件提供商可以与我们推荐的任何 [电子邮件客户端一起使用](../email-clients.md)。 Depending on the authentication method, this may lead to the decrease security if either the provider or the email client does not support OATH or a bridge application as [multifactor authentication](multi-factor-authentication.md) is not possible with plain password authentication.
+允许你使用IMAP和SMTP等标准访问协议的电子邮件提供商可以与我们推荐的任何 [电子邮件客户端一起使用](../email-clients.md)。 Depending on the authentication method, this may lead to decreased security if either the provider or the email client does not support [OAuth](account-creation.md#sign-in-with-oauth) or a bridge application as [multifactor authentication](multi-factor-authentication.md) is not possible with plain password authentication.
### 我如何保护我的私钥?
@@ -39,14 +39,14 @@ It is advantageous for the decryption to occur on the smart card to avoid possib
## 电子邮件元数据概述
-电子邮件元数据存储在电子邮件的 [信息标题](https://en.wikipedia.org/wiki/Email#Message_header) ,包括一些你可能已经看到的可见标题,如: `To`, `From`, `Cc`, `Date`, `Subject`。 许多电子邮件客户和供应商还包括一些隐藏的标题,可以揭示有关你的账户的信息。
+Email metadata is stored in the [message header](https://en.wikipedia.org/wiki/Email#Message_header) of the email message and includes some visible headers that you may have seen such as `To`, `From`, `Cc`, `Date`, and `Subject`. 许多电子邮件客户和供应商还包括一些隐藏的标题,可以揭示有关你的账户的信息。
客户端软件可以使用电子邮件元数据来显示信息来自谁,以及什么时间收到的。 服务器可能使用它来确定电子邮件必须发送到哪里,其中还有一些不那么透明的 [其他目的](https://en.wikipedia.org/wiki/Email#Message_header) 。
### 谁可以查看电子邮件元数据?
-电子邮件元数据通过 [Opportunistic TLS](https://en.wikipedia.org/wiki/Opportunistic_TLS) ,保护其不受外界观察者的影响,但它仍然能够被你的电子邮件客户端软件(或网络邮件)和任何将你的信息转发给任何收件人(包括你的电子邮件供应商)的服务器看到。 有时,电子邮件服务器也会使用第三方服务来防止垃圾邮件,这些服务一般也能接触到你的邮件。
+Email metadata is protected from outside observers with [opportunistic TLS](https://en.wikipedia.org/wiki/Opportunistic_TLS), but it is still able to be seen by your email client software (or webmail) and any servers relaying the message from you to any recipients including your email provider. 有时,电子邮件服务器也会使用第三方服务来防止垃圾邮件,这些服务一般也能接触到你的邮件。
### 为什么元数据不能被端到端加密?
-电子邮件元数据对于电子邮件最基本的功能(它从哪里来,又要到哪里去)至关重要。 E2EE最初没有内置于电子邮件协议中,而是需要像OpenPGP这样的附加软件。 Because OpenPGP messages still have to work with traditional email providers, it cannot encrypt some of this email metadata required for identifying the parties communicating. That means that even when using OpenPGP, outside observers can see lots of information about your messages, such as whom you're emailing, when you're emailing, etc.
+电子邮件元数据对于电子邮件最基本的功能(它从哪里来,又要到哪里去)至关重要。 E2EE was not built into standard email protocols originally, instead requiring add-on software like OpenPGP. Because OpenPGP messages still have to work with traditional email providers, it cannot encrypt some of this email metadata required for identifying the parties communicating. That means that even when using OpenPGP, outside observers can see lots of information about your messages, such as whom you're emailing, when you're emailing, etc.
diff --git a/i18n/zh/email-aliasing.md b/i18n/zh/email-aliasing.md
index bc73aeb2..220bce59 100644
--- a/i18n/zh/email-aliasing.md
+++ b/i18n/zh/email-aliasing.md
@@ -10,7 +10,34 @@ cover: email-aliasing.webp
- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
-An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
+An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md).
+
+Email aliasing can also act as a safeguard in case your email provider ever ceases operation. In that scenario, you can easily re-route your aliases to a new email address. In turn, however, you are placing trust in the aliasing service to continue functioning.
+
+## Benefits
+
+Using a service which allows you to individually manage email aliases has a number of benefits over conventional mailbox management/filtering methods:
+
+### Over Plus Addressing
+
+True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
+
+### Over Catch-All Aliases
+
+Using a dedicated email aliasing service has a number of benefits over a catch-all alias on a custom domain:
+
+- Aliases can be turned on and off individually when you need them, preventing websites from emailing you randomly.
+- Replies are sent from the alias address, shielding your real email address.
+
+### Over Temporary Email Services
+
+Email aliasing services also have a number of benefits over "temporary email" services:
+
+- Aliases are permanent and can be turned on again if you need to receive something like a password reset.
+- Emails are sent to your trusted mailbox rather than stored by the alias provider.
+- Temporary email services typically have public mailboxes which can be accessed by anyone who knows the address, while aliases are private to you.
+
+## 推荐的供应商
@@ -19,20 +46,7 @@ An **email aliasing service** allows you to easily generate a new email address
-Email aliasing can also act as a safeguard in case your email provider ever ceases operation. In that scenario, you can easily re-route your aliases to a new email address. In turn, however, you are placing trust in the aliasing service to continue functioning.
-
-Using a dedicated email aliasing service also has a number of benefits over a catch-all alias on a custom domain:
-
-- Aliases can be turned on and off individually when you need them, preventing websites from emailing you randomly.
-- Replies are sent from the alias address, shielding your real email address.
-
-They also have a number of benefits over "temporary email" services:
-
-- Aliases are permanent and can be turned on again if you need to receive something like a password reset.
-- Emails are sent to your trusted mailbox rather than stored by the alias provider.
-- Temporary email services typically have public mailboxes which can be accessed by anyone who knows the address, while aliases are private to you.
-
-Our email aliasing recommendations are providers that allow you to create aliases on domains they control, as well as on your own custom domain(s) for a modest yearly fee. They can also be self-hosted if you want maximum control. However, using a custom domain can have privacy-related drawbacks: If you are the only person using your custom domain, your actions can be easily tracked across websites simply by looking at the domain name in the email address and ignoring everything before the at (@) sign.
+Our email aliasing recommendations are providers that allow you to create aliases on domains they control, as well as on your own custom domain(s) for a modest yearly fee. They can also be self-hosted if you want maximum control. However, using a custom domain can have privacy-related drawbacks: If you are the only person using your custom domain, your actions can be easily tracked across websites simply by looking at the domain name in the email address and ignoring everything before the `@` symbol.
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
@@ -42,29 +56,31 @@ Using an aliasing service requires trusting both your email provider and your al
{ align=right }
-**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
+**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited ["standard" aliases](https://addy.io/faq/#what-is-a-standard-alias).
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://addy.io/faq){ .card-link title=Documentation}
+[:octicons-info-16:](https://addy.io/faq){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/anonaddy){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://addy.io/donate){ .card-link title=Contribute }
+[:octicons-heart-16:](https://addy.io/donate){ .card-link title="Contribute" }
Downloads
-- [:simple-android: Android](https://addy.io/faq/#is-there-an-android-app)
-- [:material-apple-ios: iOS](https://addy.io/faq/#is-there-an-ios-app)
+- [:simple-googleplay: Google Play](https://addy.io/faq/#is-there-an-android-app)
+- [:simple-appstore: App Store](https://addy.io/faq/#is-there-an-ios-app)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/addy_io)
-- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/addyio-anonymous-email-fo/iadbdpnoknmbdeolbapdackdcogdmjpe)
+- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/iadbdpnoknmbdeolbapdackdcogdmjpe)
Email does not provide forward secrecy
diff --git a/i18n/zh/email.md b/i18n/zh/email.md
index d99f9bbc..468b60e6 100644
--- a/i18n/zh/email.md
+++ b/i18n/zh/email.md
@@ -22,19 +22,19 @@ global:
对于其他一切,我们根据可持续的商业模式和内置的安全和隐私功能,推荐各种电子邮件供应商。 Read our [full list of criteria](#criteria) for more information.
-| Provider | OpenPGP / WKD | IMAP / SMTP | Zero Access Encryption | Anonymous Payments |
-| --------------------------- | -------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------- | ----------------------------- |
-| [Proton Mail](#proton-mail) | :material-check:{ .pg-green } | :material-information-outline:{ .pg-blue } Paid plans only | :material-check:{ .pg-green } | Cash |
-| [Mailbox.org](#mailboxorg) | :material-check:{ .pg-green } | :material-check:{ .pg-green } | :material-information-outline:{ .pg-blue } Mail only | Cash |
-| [Tuta](#tuta) | :material-alert-outline:{ .pg-orange } | :material-alert-outline:{ .pg-orange } | :material-check:{ .pg-green } | Monero & Cash via third-party |
+| Provider | OpenPGP / WKD | IMAP / SMTP | Zero-Access Encryption | Anonymous Payment Methods |
+| --------------------------- | -------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------- | ------------------------------------- |
+| [Proton Mail](#proton-mail) | :material-check:{ .pg-green } | :material-information-outline:{ .pg-blue } Paid plans only | :material-check:{ .pg-green } | Cash |
+| [Mailbox.org](#mailboxorg) | :material-check:{ .pg-green } | :material-check:{ .pg-green } | :material-information-outline:{ .pg-blue } Mail only | Cash |
+| [Tuta](#tuta) | :material-alert-outline:{ .pg-orange } | :material-alert-outline:{ .pg-orange } | :material-check:{ .pg-green } | Monero
Cash via third party |
-In addition to (or instead of) an email provider recommended here, you may wish to consider a dedicated [email aliasing service](email-aliasing.md) to protect your privacy. Among other things, these services can help protect your real inbox from spam, prevent marketers from correlating your accounts, and encrypt all incoming messages with PGP.
+In addition to (or instead of) an email provider recommended here, you may wish to consider a dedicated [email aliasing service](email-aliasing.md#recommended-providers) to protect your privacy. Among other things, these services can help protect your real inbox from spam, prevent marketers from correlating your accounts, and encrypt all incoming messages with PGP.
- [More Information :material-arrow-right-drop-circle:](email-aliasing.md)
## OpenPGP 兼容服务
-These providers natively support OpenPGP encryption/decryption and the [Web Key Directory (WKD) standard](basics/email-security.md#what-is-the-web-key-directory-standard), allowing for provider-agnostic E2EE emails. 例如,Proton Mail用户可以向Mailbox.org用户发送E2EE信息,或者你可以从支持OpenPGP的互联网服务中收到OpenPGP加密的通知。
+These providers natively support OpenPGP encryption/decryption and the [Web Key Directory (WKD) standard](basics/email-security.md#what-is-the-web-key-directory-standard), allowing for provider-agnostic end-to-end encrypted emails. 例如,Proton Mail用户可以向Mailbox.org用户发送E2EE信息,或者你可以从支持OpenPGP的互联网服务中收到OpenPGP加密的通知。
@@ -48,7 +48,9 @@ These providers natively support OpenPGP encryption/decryption and the [Web Key
当使用像OpenPGP这样的E2EE技术时,电子邮件仍然会有一些元数据没有在电子邮件的标题中进行加密。 Read more about [email metadata](basics/email-security.md#email-metadata-overview).
-即使你使用OpenPGP,它也不支持 前向加密,这意味着如果你或收件人的私钥被盗,所有在之前使用它加密的信息都将被暴露。 [如何保护我的私钥?](basics/email-security.md#how-do-i-protect-my-private-keys)
+OpenPGP also does not support forward secrecy, which means if the private key of either you or the message recipient is ever stolen, all previous messages encrypted with it will be exposed.
+
+- [How do I protect my private keys?](basics/email-security.md#how-do-i-protect-my-private-keys)
@@ -58,7 +60,9 @@ These providers natively support OpenPGP encryption/decryption and the [Web Key
! [Proton Mail徽标] (assets/img/email/protonmail.svg) {align = right}
-* * Proton Mail * *是一项专注于隐私、加密、安全性和易用性的电子邮件服务。 They have been in operation since 2013. Proton AG is based in Geneva, Switzerland. The Proton Mail Free plan comes with 500 MB of Mail storage, which you can increase up to 1 GB for free.
+* * Proton Mail * *是一项专注于隐私、加密、安全性和易用性的电子邮件服务。 They have been in operation since 2013. Proton AG is based in Geneva, Switzerland.
+
+The Proton Free plan comes with 500 MB of Mail storage, which you can increase up to 1 GB for free.
[:octicons-home-16: Homepage](https://proton.me/mail){ .md-button .md-button--primary }
[:simple-torbrowser:](https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion){ .card-link title="Onion Service" }
@@ -81,9 +85,9 @@ These providers natively support OpenPGP encryption/decryption and the [Web Key
-免费账户有一些限制,如不能搜索正文,不能访问 [Proton Mail Bridge](https://proton.me/mail/bridge),这是使用 [推荐的桌面电子邮件客户端](email-clients.md) (如Thunderbird)所需要的。 付费帐户包括Proton Mail Bridge等功能,额外的存储空间和自定义域支持。 2021年11月9日, [Securitum](https://research.securitum.com),为Proton Mail的应用程序提供了一份 [的证明信](https://proton.me/blog/security-audit-all-proton-apps)。
+Free accounts have some limitations, such as not being able to search body text and not having access to [Proton Mail Bridge](https://proton.me/mail/bridge), which is required to use a [recommended desktop email client](email-clients.md) (e.g., Thunderbird). 付费帐户包括Proton Mail Bridge等功能,额外的存储空间和自定义域支持。 If you have the Proton Unlimited plan or any multi-user Proton plan, you also get [SimpleLogin](email-aliasing.md#simplelogin) Premium for free.
-If you have the Proton Unlimited plan or any multi-user Proton plan, you also get [SimpleLogin](email-aliasing.md#simplelogin) Premium for free.
+2021年11月9日, [Securitum](https://research.securitum.com),为Proton Mail的应用程序提供了一份 [的证明信](https://proton.me/blog/security-audit-all-proton-apps)。
Proton Mail has internal crash reports that are **not** shared with third parties. This can be disabled in the web app: :gear: → **All Settings** → **Account** → **Security and privacy** → **Privacy and data collection**.
@@ -93,7 +97,7 @@ Paid Proton Mail subscribers can use their own domain with the service or a [cat
#### :material-check:{ .pg-green } Private Payment Methods
-Proton Mail [accepts](https://proton.me/support/payment-options) cash by mail in addition to standard credit/debit card, [Bitcoin](advanced/payments.md#other-coins-bitcoin-ethereum-etc), and PayPal payments.
+Proton Mail [accepts](https://proton.me/support/payment-options) **cash** by mail in addition to standard credit/debit card, [Bitcoin](advanced/payments.md#other-coins-bitcoin-ethereum-etc), and PayPal payments.
#### :material-check:{ .pg-green } Account Security
@@ -109,7 +113,7 @@ Certain information stored in [Proton Contacts](https://proton.me/support/proton
Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to-use-pgp) in their webmail. 给其他Proton Mail账户的邮件是自动加密的,用OpenPGP密钥给非Proton Mail地址加密可以在账户设置中轻松启用。 Proton also supports automatic external key discovery with WKD. This means that emails sent to other providers which use WKD will be automatically encrypted with OpenPGP as well, without the need to manually exchange public PGP keys with your contacts. They also allow you to [encrypt messages to non-Proton Mail addresses without OpenPGP](https://proton.me/support/password-protected-emails), without the need for them to sign up for a Proton Mail account.
-Proton Mail also publishes the public keys of Proton accounts via HTTP from their WKD. 这使得不使用Proton Mail的人可以轻松找到Proton Mail账户的OpenPGP密钥,实现跨供应商的E2EE。 This only applies to email addresses ending in one of Proton's own domains, like @proton.me. If you use a custom domain, you must [configure WKD](./basics/email-security.md#what-is-the-web-key-directory-standard) separately.
+Proton Mail also publishes the public keys of Proton accounts via HTTP from their WKD. This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily for cross-provider E2EE. This only applies to email addresses ending in one of Proton's own domains, like `@proton.me`. If you use a custom domain, you must [configure WKD](basics/email-security.md#what-is-the-web-key-directory-standard) separately.
#### :material-information-outline:{ .pg-blue } Account Termination
@@ -117,17 +121,17 @@ If you have a paid account and your [bill is unpaid](https://proton.me/support/d
#### :material-information-outline:{ .pg-blue } Additional Functionality
-Proton Mail's [Unlimited](https://proton.me/support/proton-plans#proton-unlimited) plan also enables access to other Proton services in addition to providing multiple custom domains, unlimited hide-my-email aliases, and 500 GB of storage.
-
-Proton Mail不提供数字遗留功能。
+Proton Mail's [Unlimited](https://proton.me/support/proton-plans#proton-unlimited) plan also enables access to other Proton services in addition to providing multiple custom domains, unlimited hide-my-email aliases, and 500 GB of storage.
### Mailbox.org
-{ align=right }
+{ align=right }
-**Mailbox.org**是一个专注于安全、无广告、并由100%环保能源私人提供的电子邮件服务。 他们自2014年以来一直在运作。 Mailbox.org总部位于德国柏林。 Accounts start with up to 2 GB storage, which can be upgraded as needed.
+**Mailbox.org** is an email service with a focus on being secure, ad-free, and powered by 100% eco-friendly energy. 他们自2014年以来一直在运作。 Mailbox.org总部位于德国柏林。
+
+Accounts start with up to 2 GB storage, which can be upgraded as needed.
[:octicons-home-16: Homepage](https://mailbox.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mailbox.org/en/data-protection-privacy-policy){ .card-link title="Privacy Policy" }
@@ -148,23 +152,23 @@ Mailbox.org lets you use your own domain, and they support [catch-all](https://k
#### :material-check:{ .pg-green } Private Payment Methods
-Mailbox.org doesn't accept any cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and a couple of German-specific processors: paydirekt and Sofortüberweisung.
+Mailbox.org doesn't accept any cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept **cash** by mail, **cash** payment to bank account, bank transfer, credit card, PayPal, and a couple of German-specific processors: Paydirekt and Sofortüberweisung.
#### :material-check:{ .pg-green } Account Security
-Mailbox.org supports [two-factor authentication](https://kb.mailbox.org/en/private/account-article/how-to-use-two-factor-authentication-2fa) for their webmail only. You can use either TOTP or a [YubiKey](https://en.wikipedia.org/wiki/YubiKey) via the [YubiCloud](https://yubico.com/products/services-software/yubicloud). Web standards such as [WebAuthn](https://en.wikipedia.org/wiki/WebAuthn) are not yet supported.
+Mailbox.org supports [two-factor authentication](https://kb.mailbox.org/en/private/account-article/how-to-use-two-factor-authentication-2fa) for their webmail only. You can use either TOTP or a [YubiKey](https://en.wikipedia.org/wiki/YubiKey) via the [YubiCloud](https://yubico.com/products/services-software/yubicloud). Web standards such as [WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online) are not yet supported.
#### :material-information-outline:{ .pg-blue } Data Security
Mailbox.org allows for encryption of incoming mail using their [encrypted mailbox](https://kb.mailbox.org/en/private/e-mail-article/your-encrypted-mailbox). New messages that you receive will then be immediately encrypted with your public key.
-However, [Open-Exchange](https://en.wikipedia.org/wiki/Open-Xchange), the software platform used by Mailbox.org, [does not support](https://kb.mailbox.org/en/private/security-privacy-article/encryption-of-calendar-and-address-book) the encryption of your address book and calendar. A [standalone option](calendar.md) may be more appropriate for that information.
+However, [Open-Xchange](https://en.wikipedia.org/wiki/Open-Xchange), the software platform used by Mailbox.org, [does not support](https://kb.mailbox.org/en/private/security-privacy-article/encryption-of-calendar-and-address-book) the encryption of your address book and calendar. A [standalone option](calendar.md) may be more appropriate for that data.
#### :material-check:{ .pg-green } Email Encryption
Mailbox.org has [integrated encryption](https://kb.mailbox.org/en/private/e-mail-article/send-encrypted-e-mails-with-guard) in their webmail, which simplifies sending messages to people with public OpenPGP keys. They also allow [remote recipients to decrypt an email](https://kb.mailbox.org/en/private/e-mail-article/my-recipient-does-not-use-pgp) on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.
-Mailbox.org also supports the discovery of public keys via HTTP from their WKD. This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily, for cross-provider E2EE. This only applies to email addresses ending in one of Mailbox.org's own domains, like @mailbox.org. If you use a custom domain, you must [configure WKD](./basics/email-security.md#what-is-the-web-key-directory-standard) separately.
+Mailbox.org also supports the discovery of public keys via HTTP from their WKD. This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily for cross-provider E2EE. This only applies to email addresses ending in one of Mailbox.org's own domains, like `@mailbox.org`. If you use a custom domain, you must [configure WKD](basics/email-security.md#what-is-the-web-key-directory-standard) separately.
#### :material-information-outline:{ .pg-blue } Account Termination
@@ -176,7 +180,7 @@ You can access your Mailbox.org account via IMAP/SMTP using their [.onion servic
All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/en/private/drive-article/encrypt-files-on-your-drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/en/private/e-mail-article/ensuring-e-mails-are-sent-securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
-Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
+Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs, providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
## More Providers
@@ -195,7 +199,9 @@ These providers store your emails with zero-knowledge encryption, making them gr
{ align=right }
{ align=right }
-**Tuta** (formerly *Tutanota*) is an email service with a focus on security and privacy through the use of encryption. Tuta has been in operation since 2011 and is based in Hanover, Germany. Free accounts start with 1 GB of storage.
+**Tuta** (formerly *Tutanota*) is an email service with a focus on security and privacy through the use of encryption. Tuta has been in operation since 2011 and is based in Hanover, Germany.
+
+Free accounts start with 1 GB of storage.
[:octicons-home-16: Homepage](https://tuta.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://tuta.com/privacy){ .card-link title="Privacy Policy" }
@@ -226,7 +232,7 @@ Paid Tuta accounts can use either 15 or 30 aliases depending on their plan and u
#### :material-information-outline:{ .pg-blue } Private Payment Methods
-Tuta only directly accepts credit cards and PayPal, however [cryptocurrency](cryptocurrency.md) can be used to purchase gift cards via their [partnership](https://tuta.com/support/#cryptocurrency) with ProxyStore.
+Tuta only directly accepts credit cards and PayPal, however [**cryptocurrency**](cryptocurrency.md) can be used to purchase gift cards via their [partnership](https://tuta.com/support/#cryptocurrency) with ProxyStore.
#### :material-check:{ .pg-green } Account Security
@@ -234,7 +240,7 @@ Tuta supports [two-factor authentication](https://tuta.com/support#2fa) with eit
#### :material-check:{ .pg-green } Data Security
-Tuta has [zero access encryption at rest](https://tuta.com/support#what-encrypted) for your emails, [address book contacts](https://tuta.com/support#encrypted-address-book), and [calendars](https://tuta.com/support#calendar). This means the messages and other data stored in your account are only readable by you.
+Tuta has [zero-access encryption at rest](https://tuta.com/support#what-encrypted) for your emails, [address book contacts](https://tuta.com/support#encrypted-address-book), and [calendars](https://tuta.com/support#calendar). This means the messages and other data stored in your account are only readable by you.
#### :material-information-outline:{ .pg-blue } Email Encryption
@@ -248,8 +254,6 @@ Tuta will [delete inactive free accounts](https://tuta.com/support#inactive-acco
Tuta offers the business version of [Tuta to non-profit organizations](https://tuta.com/blog/secure-email-for-non-profit) for free or with a heavy discount.
-Tuta doesn't offer a digital legacy feature.
-
## Self-Hosting Email
Advanced system administrators may consider setting up their own email server. Mail servers require attention and continuous maintenance in order to keep things secure and mail delivery reliable. In addition to the "all-in-one" solutions below, we've picked out a few articles that cover a more manual approach:
@@ -315,21 +319,22 @@ We regard these features as important in order to provide a safe and optimal ser
**符合条件的最低要求。**
-- Encrypts email account data at rest with zero-access encryption.
-- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
-- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
+- Must encrypt email account data at rest with zero-access encryption.
+- Must be capable of exporting emails as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .EML with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
+- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
+- Must operate on owned infrastructure, i.e. not built upon third-party email service providers.
**Best Case:**
-- Encrypts all account data (Contacts, Calendars, etc.) at rest with zero-access encryption.
-- Integrated webmail E2EE/PGP encryption provided as a convenience.
-- Support for WKD to allow improved discovery of public OpenPGP keys via HTTP. GnuPG users can get a key by typing: `gpg --locate-key example_user@example.com`
-- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
-- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
-- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
-- Allows users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
+- Should encrypt all account data (contacts, calendars, etc.) at rest with zero-access encryption.
+- Should provide integrated webmail E2EE/PGP encryption as a convenience.
+- Should support WKD to allow improved discovery of public OpenPGP keys via HTTP. GnuPG users can get a key with this command: `gpg --locate-key example_user@example.com`.
+- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
+- Should support [sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing).
+- Should allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Catch-all or alias functionality for those who use their own domains.
-- Use of standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
+- Should use standard email access protocols such as IMAP, SMTP, or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
+- Email provider's services should be available via an [onion service](https://en.wikipedia.org/wiki/.onion).
### 隐私
@@ -337,30 +342,30 @@ We prefer our recommended providers to collect as little data as possible.
**符合条件的最低要求。**
-- Protect sender's IP address, which can involve filtering it from showing in the `Received` header field.
-- Don't require personally identifiable information (PII) besides a username and a password.
-- Privacy policy that meets the requirements defined by the GDPR.
+- Must protect sender's IP address, which can involve filtering it from showing in the `Received` header field.
+- Must not require personally identifiable information (PII) besides a username and a password.
+- Privacy policy must meet the requirements defined by the GDPR.
**Best Case:**
-- Accepts [anonymous payment options](advanced/payments.md) ([cryptocurrency](cryptocurrency.md), cash, gift cards, etc.)
-- Hosted in a jurisdiction with strong email privacy protection laws.
+- Should accept [anonymous payment options](advanced/payments.md) ([cryptocurrency](cryptocurrency.md), cash, gift cards, etc.)
+- Should be hosted in a jurisdiction with strong email privacy protection laws.
### 安全性
-Email servers deal with a lot of very sensitive data. We expect that providers will adopt best industry practices in order to protect their customers.
+Email servers deal with a lot of very sensitive data. We expect that providers will adopt industry best practices in order to protect their customers.
**符合条件的最低要求。**
-- Protection of webmail with 2FA, such as TOTP.
-- Zero access encryption, which builds on encryption at rest. The provider does not have the decryption keys to the data they hold. This prevents a rogue employee leaking data they have access to or remote adversary from releasing data they have stolen by gaining unauthorized access to the server.
+- Protection of webmail with 2FA, such as [TOTP](basics/multi-factor-authentication.md#time-based-one-time-password-totp).
+- Zero-access encryption, which builds on encryption at rest. The provider does not have the decryption keys to the data they hold. This prevents a rogue employee leaking data they have access to or remote adversary from releasing data they have stolen by gaining unauthorized access to the server.
- [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) support.
- No TLS errors or vulnerabilities when being profiled by tools such as [Hardenize](https://hardenize.com), [testssl.sh](https://testssl.sh), or [Qualys SSL Labs](https://ssllabs.com/ssltest); this includes certificate related errors and weak DH parameters, such as those that led to [Logjam](https://en.wikipedia.org/wiki/Logjam_(computer_security)).
-- A server suite preference (optional on TLSv1.3) for strong cipher suites which support forward secrecy and authenticated encryption.
+- A server suite preference (optional on TLS 1.3) for strong cipher suites which support forward secrecy and authenticated encryption.
- A valid [MTA-STS](https://tools.ietf.org/html/rfc8461) and [TLS-RPT](https://tools.ietf.org/html/rfc8460) policy.
- Valid [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities) records.
- Valid [SPF](https://en.wikipedia.org/wiki/Sender_Policy_Framework) and [DKIM](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail) records.
-- Have a proper [DMARC](https://en.wikipedia.org/wiki/DMARC) record and policy or use [ARC](https://en.wikipedia.org/wiki/Authenticated_Received_Chain) for authentication. If DMARC authentication is being used, the policy must be set to `reject` or `quarantine`.
+- Must have a proper [DMARC](https://en.wikipedia.org/wiki/DMARC) record and policy or use [ARC](https://en.wikipedia.org/wiki/Authenticated_Received_Chain) for authentication. If DMARC authentication is being used, the policy must be set to `reject` or `quarantine`.
- A server suite preference of TLS 1.2 or later and a plan for [RFC8996](https://datatracker.ietf.org/doc/rfc8996).
- [SMTPS](https://en.wikipedia.org/wiki/SMTPS) submission, assuming SMTP is used.
- Website security standards such as:
@@ -370,10 +375,10 @@ Email servers deal with a lot of very sensitive data. We expect that providers w
**Best Case:**
-- Support for hardware authentication, i.e. U2F and [WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online).
+- Should support hardware authentication, i.e. U2F and [WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online).
- [DNS Certification Authority Authorization (CAA) Resource Record](https://tools.ietf.org/html/rfc6844) in addition to DANE support.
-- Implementation of [Authenticated Received Chain (ARC)](https://en.wikipedia.org/wiki/Authenticated_Received_Chain), which is useful for people who post to mailing lists [RFC8617](https://tools.ietf.org/html/rfc8617).
-- Published security audits from a reputable third-party firm.
+- Should implement [Authenticated Received Chain (ARC)](https://en.wikipedia.org/wiki/Authenticated_Received_Chain), which is useful for people who post to mailing lists [RFC8617](https://tools.ietf.org/html/rfc8617).
+- Published security audits from a reputable, third-party firm.
- Bug-bounty programs and/or a coordinated vulnerability-disclosure process.
- Website security standards such as:
- [Content Security Policy (CSP)](https://en.wikipedia.org/wiki/Content_Security_Policy)
@@ -398,18 +403,15 @@ With the email providers we recommend, we like to see responsible marketing.
**符合条件的最低要求。**
- Must self-host analytics (no Google Analytics, Adobe Analytics, etc.).
-
-Must not have any irresponsible marketing, which can include the following:
-
-- Claims of "unbreakable encryption." Encryption should be used with the intention that it may not be secret in the future when the technology exists to crack it.
-- Making guarantees of protecting anonymity 100%. When someone makes a claim that something is 100% it means there is no certainty for failure. We know people can quite easily de-anonymize themselves in a number of ways, e.g.:
-
- - Reusing personal information e.g. (email accounts, unique pseudonyms, etc.) that they accessed without anonymity software (Tor, VPN, etc.)
- - [Browser fingerprinting](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint)
+- Must not have any irresponsible marketing, which can include the following:
+ - Claims of "unbreakable encryption." Encryption should be used with the intention that it may not be secret in the future when the technology exists to crack it.
+ - Guarantees of protecting anonymity 100%. When someone makes a claim that something is 100%, it means there is no certainty for failure. We know people can quite easily de-anonymize themselves in a number of ways, e.g.:
+ - Reusing personal information e.g. (email accounts, unique pseudonyms, etc.) that they accessed without anonymity software such as Tor
+ - [Browser fingerprinting](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint)
**Best Case:**
-- Clear and easy to read documentation for tasks like setting up 2FA, email clients, OpenPGP, etc.
+- Clear and easy-to-read documentation for tasks like setting up 2FA, email clients, OpenPGP, etc.
### Additional Functionality
diff --git a/i18n/zh/os/android-overview.md b/i18n/zh/os/android-overview.md
index 64d429f5..32315986 100644
--- a/i18n/zh/os/android-overview.md
+++ b/i18n/zh/os/android-overview.md
@@ -132,7 +132,7 @@ If you have a Google account we suggest enrolling in the [Advanced Protection Pr
高级保护计划提供增强的威胁监控,并支持:
-- Stricter two-factor authentication; e.g. that [FIDO](../basics/multi-factor-authentication.md#fido-fast-identity-online) **must** be used and disallows the use of [SMS OTPs](../basics/multi-factor-authentication.md#sms-or-email-mfa), [TOTP](../basics/multi-factor-authentication.md#time-based-one-time-password-totp) and [OAuth](https://en.wikipedia.org/wiki/OAuth)
+- Stricter two-factor authentication; e.g. that [FIDO](../basics/multi-factor-authentication.md#fido-fast-identity-online) **must** be used and disallows the use of [SMS OTPs](../basics/multi-factor-authentication.md#sms-or-email-mfa), [TOTP](../basics/multi-factor-authentication.md#time-based-one-time-password-totp) and [OAuth](../basics/account-creation.md#sign-in-with-oauth)
- 只有谷歌和经过验证的第三方应用程序可以访问账户数据
- 在 Gmail 帐户上扫描收到的邮件以进行 [钓鱼](https://en.wikipedia.org/wiki/Phishing#Email_phishing) 尝试
- Stricter [safe browser scanning](https://google.com/chrome/privacy/whitepaper.html#malware) with Google Chrome
@@ -154,7 +154,9 @@ If you have a Google account we suggest enrolling in the [Advanced Protection Pr
All devices with Google Play Services installed automatically generate an [advertising ID](https://support.google.com/googleplay/android-developer/answer/6048248) used for targeted advertising. 禁用此功能以限制收集到的关于你的数据。
-在带有 [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play)的安卓发行上,进入 :gear: **设置** → **应用程序** → **Sandboxed Google Play** → **谷歌设置** → **广告**,并选择 *删除广告 ID*。
+On Android distributions with [sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), go to :gear: **Settings** → **Apps** → **Sandboxed Google Play** → **Google Settings** → **All services** → **Ads**.
+
+- [x] Select **Delete advertising ID**
On Android distributions with privileged Google Play Services (which includes the stock installation on most devices), the setting may be in one of several locations. 查看
diff --git a/includes/abbreviations.ar.txt b/includes/abbreviations.ar.txt
index 44b8e2b9..ad94bdce 100644
--- a/includes/abbreviations.ar.txt
+++ b/includes/abbreviations.ar.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project
*[ATA]: Advanced Technology Attachment
-*[attack surface]: The total number of possible entry points for unauthorized access to a system.
+*[attack surface]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: Command Line Interface
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: End-to-End Encryption/Encrypted
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: End-of-Life
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (PGP implementation)
*[GPS]: Global Positioning System
*[GUI]: Graphical User Interface
*[GnuPG]: GNU Privacy Guard (PGP implementation)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Factor Authentication
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: One-Time Password
*[OTPs]: One-Time Passwords
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.bn-IN.txt b/includes/abbreviations.bn-IN.txt
index d8a21651..de1c9c55 100644
--- a/includes/abbreviations.bn-IN.txt
+++ b/includes/abbreviations.bn-IN.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project
*[ATA]: Advanced Technology Attachment
-*[attack surface]: The total number of possible entry points for unauthorized access to a system.
+*[attack surface]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: Command Line Interface
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: End-to-End Encryption/Encrypted
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: End-of-Life
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (PGP implementation)
*[GPS]: Global Positioning System
*[GUI]: Graphical User Interface
*[GnuPG]: GNU Privacy Guard (PGP implementation)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Factor Authentication
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: One-Time Password
*[OTPs]: One-Time Passwords
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.bn.txt b/includes/abbreviations.bn.txt
index b36f302a..4fa72299 100644
--- a/includes/abbreviations.bn.txt
+++ b/includes/abbreviations.bn.txt
@@ -2,42 +2,42 @@
*[এডিবি]: অ্যান্ড্রয়েড ডিবাগ ব্রিজ
*[এওএসপি]: অ্যান্ড্রয়েড মুক্ত উৎস প্রকল্প
*[এটিএ]: অ্যাডভান্সড টেকনোলজি অ্যাটাচমেন্ট
-*[অ্যাটাক সার্ফেস]: The total number of possible entry points for unauthorized access to a system.
+*[অ্যাটাক সার্ফেস]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: Command Line Interface
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: End-to-End Encryption/Encrypted
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: End-of-Life
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (PGP implementation)
*[GPS]: Global Positioning System
*[GUI]: Graphical User Interface
*[GnuPG]: GNU Privacy Guard (PGP implementation)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Factor Authentication
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: One-Time Password
*[OTPs]: One-Time Passwords
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.cs.txt b/includes/abbreviations.cs.txt
index c7beeb41..62181a1b 100644
--- a/includes/abbreviations.cs.txt
+++ b/includes/abbreviations.cs.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project
*[ATA]: Advanced Technology Attachment
-*[attack surface]: The total number of possible entry points for unauthorized access to a system.
+*[attack surface]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: Příkazová řádka
*[CSV]: Hodnoty oddělené čárkou
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Systém doménových jmen
*[DoH]: DNS přes HTTPS
*[DoQ]: DNS přes QUIC
*[DoH3]: DNS přes HTTP/3
*[DoT]: DNS přes TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: End-to-End Encryption/Encrypted
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: End-of-Life
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (implementace PGP)
*[GPS]: Global Positioning System
*[GUI]: Graphical User Interface
*[GnuPG]: GNU Privacy Guard (implementace PGP)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers
*[JNI]: Nativní rozhraní Java
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Factor Authentication
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: Jednorázové heslo
*[OTPs]: One-Time Passwords
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Linux s vylepšenou bezpečností
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Označení názvu serveru
*[SSD]: Polovodičový disk
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: Systém na čipu
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.de.txt b/includes/abbreviations.de.txt
index 83e628ff..94a3c96d 100644
--- a/includes/abbreviations.de.txt
+++ b/includes/abbreviations.de.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debugging Brücke
*[AOSP]: Android Open-Source Projekt
*[ATA]: AT Attachment (Standard für die parallele Verbindung von Laufwerken)
-*[attack surface]: The total number of possible entry points for unauthorized access to a system.
+*[attack surface]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups. Ein Bestandteil des Linux-Kernels, welcher Resourcennutzung isoliert und begrenzt.
*[CLI]: Kommandozeilen-Schnittstelle
*[CSV]: Kommagetrennte Werte
*[CVE]: Häufige Schwachstellen und Gefährdungen
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domänennamensystem-Sicherheitserweiterungen
*[DNS]: Domänennamensystem
*[DoH]: DNS über HTTPS
*[DoQ]: DNS über QUIC
*[DoH3]: DNS über HTTP/3
*[DoT]: DNS über TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: Ende-zu-Ende-Verschlüsselung/Verschlüsselt
*[ECS]: EDNS Client Subnetz
*[EWR]: Europäischer Wirtschaftsraum
-*[Entropie]: A measurement of how unpredictable something is.
+*[Entropie]: A measurement of how unpredictable something is
*[EOL]: Ende des Produktlebens- oder Support-Zyklus. Gemeint ist häufig das Ende der Unterstützung mit Sicherheitsupdates.
*[Exif]: Austauschbares Bilddateiformat
*[FCM]: Firebase-Cloud-Nachrichtendienst
*[FDE]: vollständige Festplattenverschlüsselung
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy (vorwärts gerichtete Geheimhaltung)
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[DSGVO]: Datenschutzverordnung
*[GPG]: GNU Privacy Guard (PGP-Implementierung)
*[GPS]: Globales Positionsbestimmungssystem
*[GUI]: Grafische Benutzeroberfläche
*[GnuPG]: GNU Privacy Guard (PGP-Implementierung)
*[HDD]: Festplattenlaufwerk
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: sicheres Hypertext-Übertragungsprotokoll
*[HTTP]: Hypertext-Übertragungsprotokoll
-*[Hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[Hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrierter Schaltkreiskarten-Identifikator
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internetdienstanbieter
*[JNI]: Native Java-Schnittstelle
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Anwendungsschutz
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Faktor-Authentifizierung
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Netzwerk-Zeitprotokoll
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Betriebssystem
*[OTP]: Einmalpasswort
*[OTPs]: Einmalpasswörter
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personenbezogene Daten
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.el.txt b/includes/abbreviations.el.txt
index f21d64ed..923291a2 100644
--- a/includes/abbreviations.el.txt
+++ b/includes/abbreviations.el.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge (ελληνιστί: Γέφυρα Αποσφαλμάτωσης Android)
*[AOSP]: Έργο Ανοιχτού Κώδικα Android
*[ATA]: Advanced Technology Attachment
-*[επιφάνεια επίθεσης]: The total number of possible entry points for unauthorized access to a system.
+*[επιφάνεια επίθεσης]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot (ελληνιστί: Επαληθευμένη Εκκίνηση Android)
*[cgroups]: Ομάδες Ελέγχου
*[CLI]: Διεπαφή Γραμμής Εντολών (αγγλικά: Command-Line Interface)
*[CSV]: Τιμές Διαχωρισμένες με Κόμμα
*[CVE]: Κοινές Ευπάθειες και Εκθέσεις
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Σύστημα Ονομάτων Τομέων – Επεκτάσεις Ασφάλειας
*[DNS]: Σύστημα Ονομάτων Τομέων
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: Κρυπτογράφηση/-μένο από Άκρο-σε-Άκρο
*[ECS]: EDNS Client Subnet (Υποδίκτυο Πελάτη EDNS)
*[EEA]: ΕΟΧ: Ευρωπαϊκός Οικονομικός Χώρος
-*[εντροπία]: A measurement of how unpredictable something is.
+*[εντροπία]: A measurement of how unpredictable something is
*[EOL]: Τέλος Κύκλου Ζωής (αγγλικά: End-of-Life)
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Κρυπτογράφηση Πλήρους Δίσκου (αγγλικά: Full Disk Encryption)
*[FIDO]: Fast IDentity Online
*[FS]: Εμπρόσθια Μυστικότητα (αγγλικά: Forward Secrecy)
-*[φορκάρισμα]: A new software project created by copying an existing project and adding to it independently.
+*[φορκάρισμα]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: ΓΚΠΔ: Γενικός Κανονισμός για την Προστασία Δεδομένων
*[GPG]: GNU Privacy Guard (υλοποίηση του PGP)
*[GPS]: Παγκόσμιο Σύστημα Θεσιθεσίας
*[GUI]: Γραφικό Περιβάλλον
*[GnuPG]: GNU Privacy Guard (υλοποίηση του PGP)
*[HDD]: Σκληρός Δίσκος Μαγνητικής Περιστροφής
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure (ελληνιστί: Ασφαλές Πρωτόκολλο Μεταφοράς Υπερκειμένου)
*[HTTP]: Hypertext Transfer Protocol (ελληνιστί: Πρωτόκολλο Μεταφοράς Υπερκειμένου)
-*[υπερβλέπων]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[υπερβλέπων]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier (ελληνιστί: Ταυτοποιητικό Κάρτας Ολοκληρωμένου Κυκλώματος)
*[IMAP]: Internet Message Access Protocol
*[IMEI]: Διεθνής Ταυτότητα Κινητού Εξοπλισμού
@@ -49,19 +49,22 @@
*[ISPs]: Πάροχοι Υπηρεσιών Διαδικτύου
*[JNI]: Java Native Interface (ελληνιστί: Εγγενής Διεπαφή Java)
*[KYC]: Μέτρα Δέουσας Επιμέλειας (νομικός όρος) ή "Συστηθείτε" (μαρκετίστικος όρος)
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Έλεγχος Προσπέλασης Μέσου (αγγλικά: Medium Access Control)
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Ταυτοποιητικό Κινητού Εξοπλισμού
*[MFA]: Αυθεντικοποίηση Πολλών Παραγόντων
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Πρωτόκολλο Δικτυακού Χρόνου
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol (ελληνιστί: Πρωτόκολλο Διαδικτυακού Πιστοποιητικού Κατάστασης)
*[OEM]: Παραγωγός Πρωτότυπου Εξοπλισμού
*[OEMs]: Παραγωγοί Πρωτότυπου Εξοπλισμού
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[ΛΣ]: Λειτουργικό Σύστημα
*[OTP]: Κωδικός Μιας-Χρήσης
*[OTPs]: Κωδικοί Μιας-Χρήσης
@@ -69,12 +72,12 @@
*[P2P]: Ομότιμο
*[PAM]: Pluggable Authentication Modules (υποσύστημα του Linux)
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Προσωπικές Ταυτοποιήσιμες Πληροφορίες (αγγλικά: Personally Identifiable Information)
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[κυλιόμενη κυκλοφορία]: Updates which are released frequently rather than at set intervals.
+*[κυλιόμενη κυκλοφορία]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Μονάδα Ταυτότητας Συνδρομής
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication (ελληνιστί: Ένδειξη Ονόματος Διακομιστή)
*[SSD]: Σκληρός Δίσκος Στερεάς Κατάστασης
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Λογισμικό ως Υπηρεσία ("Λογισμικό Νέφους")
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol (ελληνιστί: Πρωτόκολλο Ελέγχου Μεταφοράς)
*[TEE]: Trusted Execution Environment (ελληνιστί: Εμπιστευμένο Περιβάλλον Εκτέλεσης)
*[TLS]: Transport Layer Security (ελληνιστί: Ασφάλεια Επιπέδου Μεταφοράς)
diff --git a/includes/abbreviations.eo.txt b/includes/abbreviations.eo.txt
index d8a21651..de1c9c55 100644
--- a/includes/abbreviations.eo.txt
+++ b/includes/abbreviations.eo.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project
*[ATA]: Advanced Technology Attachment
-*[attack surface]: The total number of possible entry points for unauthorized access to a system.
+*[attack surface]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: Command Line Interface
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: End-to-End Encryption/Encrypted
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: End-of-Life
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (PGP implementation)
*[GPS]: Global Positioning System
*[GUI]: Graphical User Interface
*[GnuPG]: GNU Privacy Guard (PGP implementation)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Factor Authentication
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: One-Time Password
*[OTPs]: One-Time Passwords
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.es.txt b/includes/abbreviations.es.txt
index 4c858485..c3664ffd 100644
--- a/includes/abbreviations.es.txt
+++ b/includes/abbreviations.es.txt
@@ -2,42 +2,42 @@
*[ADB]: Puente de Depura de Android
*[AOSP]: Android Open Source Project
*[ATA]: Adjunto de Tecnología Avanzada
-*[superficie de ataque]: The total number of possible entry points for unauthorized access to a system.
+*[superficie de ataque]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Inicio Verificado de Android
*[cgroups]: Grupos de Control
*[CLI]: Interfaz de Línea de Comando
*[CSV]: Valores Separados por Coma
*[CVE]: Vulnerabilidades y Exposiciones Comunes
-*[patrón oscuro]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[patrón oscuro]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Extensiones de Seguridad del Sistema de Nombres de Dominio
*[DNS]: Sistema de Nombre de Dominio
*[DoH]: DNS sobre HTTPS
*[DoQ]: DNS sobre QUIC
*[DoH3]: DNS sobre HTTP/3
*[DoT]: DNS sobre TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: Cifrado/Encriptación de Extremo a Extremo
*[ECS]: Subred de Cliente EDNS
*[EEA]: Espacio Económico Europeo
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: Fin de Vida
*[Exif]: Formato de archivo de imagen intercambiable
*[FCM]: Firebase Cloud Messaging
*[FDE]: Encriptación de Disco Completo
*[FIDO]: Fast IDentity Online
*[FS]: Secreto Hacia Adelante
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: Reglamento General de Protección de Datos
*[GPG]: GNU Privacy Guard (implementación de PGP)
*[GPS]: Sistema de Posicionamiento Global
*[GUI]: Interfaz Gráfica de Usuario
*[GnuPG]: GNU Privacy Guard (implementación de PGP)
*[HDD]: Unidad de Disco Duro
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Protocolo de Transferencia de Hipertexto Seguro
*[HTTP]: Protocolo de Transferencia de Hipertexto
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Identificador de Tarjeta de Circuito Integrado
*[IMAP]: Protocolo de Acceso a Mensajes de Internet
*[IMEI]: Identidad Internacional de Equipos Móviles
@@ -49,19 +49,22 @@
*[ISPs]: Proveedores de Servicio de Internet
*[JNI]: Interfaz nativa de Java
*[KYC]: Conoce a Tu Cliente
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Control de Acceso a los Medios
*[MDAG]: Protección de aplicaciones de Microsoft Defender
*[MEID]: Identificador de Equipo Móvil
*[MFA]: Autenticación de Múltiples Factores
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Protocolo de Tiempo de Red
*[OCI]: Iniciativa de Contenedor Abierto
*[OCSP]: Protocolo del Estado del Certificado de Línea
*[OEM]: Fabricante Original de Equipo
*[OEMs]: Fabricantes Originales de Equipos
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Sistema Operativo
*[OTP]: Contraseña de Un Solo Uso
*[OTPs]: Contraseña de Un Solo Uso
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Módulos de Autenticación Conectables a Linux
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Información Personalmente Identificable
*[QNAME]: Nombre Cualificado
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[límites de tarifa]: Los límites de tarifa son restricciones que un servicio impone al número de veces que un usuario puede acceder a sus servicios en un periodo de tiempo determinado.
-*[liberación progresiva]: Updates which are released frequently rather than at set intervals.
+*[liberación progresiva]: Updates which are released frequently rather than set intervals
*[RSS]: Sindicación Realmente Sencilla
*[SELinux]: Linux con Seguridad Mejorada
*[SIM]: Módulo de Identidad del Suscriptor
@@ -83,10 +86,12 @@
*[SNI]: Indicación del Nombre de Servidor
*[SSD]: Unidad de Disco Duro de Estado Sólido
*[SSH]: Shell Seguro
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software como servicio (software en la nube)
*[SoC]: Sistema en chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Protocolo de Control de Transmisión
*[TEE]: Entorno de Ejecución de Confianza
*[TLS]: Seguridad de la Capa de Transporte
diff --git a/includes/abbreviations.fa.txt b/includes/abbreviations.fa.txt
index 6dd3f9e1..7e1f49f0 100644
--- a/includes/abbreviations.fa.txt
+++ b/includes/abbreviations.fa.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: پروژه متن باز اندروید
*[ATA]: Advanced Technology Attachment
-*[attack surface]: The total number of possible entry points for unauthorized access to a system.
+*[attack surface]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: رابط خط فرمان
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS بر روی HTTPS
*[DoQ]: DNS بر روی QUIC
*[DoH3]: DNS بر روی HTTP/3
*[DoT]: DNS بر روی TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: رمزگذاری پایان به پایان
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: پایان عمر
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (PGP implementation)
*[GPS]: Global Positioning System
*[GUI]: رابط کاربری گرافیکی
*[GnuPG]: GNU Privacy Guard (PGP implementation)
*[HDD]: هارد دیسک
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Factor Authentication
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: One-Time Password
*[OTPs]: One-Time Passwords
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.fr.txt b/includes/abbreviations.fr.txt
index 0c0c4b60..b7992ab4 100644
--- a/includes/abbreviations.fr.txt
+++ b/includes/abbreviations.fr.txt
@@ -2,42 +2,42 @@
*[ADB]: Pont de débogage Android
*[AOSP]: Projet Android Open Source
*[ATA]: Attachement de technologie avancée
-*[surface d'attaque]: The total number of possible entry points for unauthorized access to a system.
+*[surface d'attaque]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Démarrage Vérifié d'Android
*[cgroups]: Groupes de contrôle
*[CLI]: Interface de ligne de commande
*[CSV]: Valeurs séparées par des virgules
*[CVE]: Vulnérabilités et expositions courantes
-*[interface truquée] : A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[interface truquée] : A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Extensions de sécurité du système de nom de domaine
*[DNS]: Système de nom de domaine
*[DoH]: DNS sur HTTPS
*[DoQ]: DNS sur QUIC
*[DoH3]: DNS sur HTTP/3
*[DoT]: DNS sur TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: Chiffrement/Chiffré(e)s de bout en bout
*[ECS]: Sous-réseau du client EDNS
*[EEA]: Espace économique européen
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: Fin de vie
*[Exif]: Format de fichier image échangeable
*[FCM]: Messagerie Cloud Firebase
*[FDE]: Chiffrement complet du disque
*[FIDO]: Identité rapide en ligne
*[CP]: Confidentialité persistante
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[RGPD]: Règlement Général sur la Protection des Données
*[GPG]: GNU Privacy Guard (implémentation de PGP)
*[GPS]: Système de positionnement global
*[GUI]: Interface utilisateur graphique
*[GnuPG]: GNU Privacy Guard (implémentation de PGP)
*[HDD]: Disque dur
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Protocole de transfert hypertexte sécurisé
*[HTTP]: Protocole de transfert hypertexte
-*[superviseur]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[superviseur]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Identificateur de carte à circuit intégré
*[IMAP]: Protocole d'accès aux messages internet
*[IMEI]: Identité internationale des équipements mobiles
@@ -49,19 +49,22 @@
*[FAIs]: Fournisseurs d'accès internet
*[JNI]: Interface native Java
*[KYC]: Connaissance du client
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Contrôle d'accès aux médias
*[MDAG]: Protection des applications Microsoft Defender
*[MEID]: Identificateur d'équipement mobile
*[MFA]: Authentification multi-facteurs
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Protocole de temps réseau
*[OCI]: Open Container Initiative
*[OCSP]: Protocole d'état des certificats en ligne
*[OEM]: Fabricant d'équipement d'origine
*[OEMs]: Fabricants d'équipement d'origine
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Système d'exploitation
*[OTP]: Mot de passe à usage unique
*[OTPs]: Mots de passe à usage unique
@@ -69,12 +72,12 @@
*[P2P]: Pair à pair
*[PAM]: Modules d'authentification enfichables de Linux
*[POP3]: Protocole de bureau de poste 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[DCP]: Donnée à charactère personnel
*[QNAME]: Nom qualifié
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[limites de débit]: Les limites tarifaires sont des restrictions qu'un service impose sur le nombre de fois qu'un utilisateur peut accéder à ses services dans un délai donné.
-*[publication continue]: Updates which are released frequently rather than at set intervals.
+*[publication continue]: Updates which are released frequently rather than set intervals
*[RSS]: Syndication vraiment simple
*[SELinux]: Sécurité renforcée de Linux
*[SIM]: Module d'identité d'abonné
@@ -83,10 +86,12 @@
*[SNI]: Indication du nom du serveur
*[SSD]: Disque d'état solide
*[SSH]: Shell sécurisé
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Logiciel en tant que service (logiciel cloud)
*[SoC]: Système sur puce
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Protocole de contrôle de transmission
*[TEE]: Environnement d'exécution de confiance
*[TLS]: Sécurité de la couche transport
diff --git a/includes/abbreviations.he.txt b/includes/abbreviations.he.txt
index 6c7b2409..f8a3b7db 100644
--- a/includes/abbreviations.he.txt
+++ b/includes/abbreviations.he.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: פרויקט קוד פתוח של אנדרואיד
*[ATA]: Advanced Technology Attachment
-*[משטח התקפה]: The total number of possible entry points for unauthorized access to a system.
+*[משטח התקפה]: The total number of possible entry points for unauthorized access to a system
*[AVB]: אתחול מאומת של אנדרואיד
*[cgroups]: קבוצות בקרה
*[CLI]: ממשק שורת הפקודה
*[CSV]: Comma-Separated Values
*[CVE]: פגיעויות וחשיפות נפוצות
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: תוספי אבטחה של מערכת שמות דומיין
*[DNS]: מערכת שמות מתחם
*[DoH]: DNS דרך HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: הצפנה מקצה לקצה/מוצפנת
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: סוף החיים
*[Exif]: פורמט קובץ תמונה ניתן להחלפה
*[FCM]: Firebase Cloud Messaging
*[FDE]: הצפנת דיסק מלאה
*[FIDO]: זיהוי מהיר באינטרנט
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: תקנת הגנת מידע כללית
*[GPG]: GNU Privacy Guard (יישום PGP)
*[GPS]: מערכת מיקום גלובלית
*[GUI]: ממשק משתמש גרפי
*[GnuPG]: GNU Privacy Guard (יישום PGP)
*[HDD]: כונן קשיח
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: זהות ציוד סלולרי בינלאומי
@@ -49,19 +49,22 @@
*[ISPs]: ספקי שירותי אינטרנט
*[JNI]: ממשק מקורי של Java
*[KYC]: הכר את הלקוח שלך
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: מזהה ציוד נייד
*[MFA]: אימות מרובה גורמים
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: פרוטוקול זמן רשת
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: מערכת הפעלה
*[OTP]: סיסמה חד - פעמית
*[OTPs]: סיסמאות חד פעמיות
@@ -69,12 +72,12 @@
*[P2P]: עמית-לעמית
*[PAM]: מודולי אימות ניתנים לחיבור של לינוקס
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: סינדיקציה ממש פשוטה
*[SELinux]: לינוקס משופרת באבטחה
*[SIM]: מודול זהות מנוי
@@ -83,10 +86,12 @@
*[SNI]: ציון שם השרת
*[SSD]: Solid-State Drive
*[SSH]: מעטפת מאובטחת
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: מערכת על שבב
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: אבטחת שכבת תעבורה
diff --git a/includes/abbreviations.hi.txt b/includes/abbreviations.hi.txt
index d8a21651..de1c9c55 100644
--- a/includes/abbreviations.hi.txt
+++ b/includes/abbreviations.hi.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project
*[ATA]: Advanced Technology Attachment
-*[attack surface]: The total number of possible entry points for unauthorized access to a system.
+*[attack surface]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: Command Line Interface
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: End-to-End Encryption/Encrypted
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: End-of-Life
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (PGP implementation)
*[GPS]: Global Positioning System
*[GUI]: Graphical User Interface
*[GnuPG]: GNU Privacy Guard (PGP implementation)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Factor Authentication
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: One-Time Password
*[OTPs]: One-Time Passwords
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.hu.txt b/includes/abbreviations.hu.txt
index e70b3338..b1b8c9d8 100644
--- a/includes/abbreviations.hu.txt
+++ b/includes/abbreviations.hu.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project - Android Nyílt Forráskódú Projekt
*[ATA]: Advanced Technology Attachment
-*[támadási felület]: The total number of possible entry points for unauthorized access to a system.
+*[támadási felület]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: Command Line Interface - Parancssor Interface
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions - Domain Név Rendszer Biztonsági Kiterjesztések
*[DNS]: Domain Name System - Domain Név Rendszer
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[End-to-End]: Végponttól végpontig terjedő titkosítás
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area - Európai Gazdasági Övezet
-*[entrópia]: A measurement of how unpredictable something is.
+*[entrópia]: A measurement of how unpredictable something is
*[EOL]: End-of-Life - Valami életciklusának a vége
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption - Teljes Lemez Titkosítás
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy – előre titkosítás
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation - Általános Adatvédelmi Rendelet
*[GPG]: GNU Privacy Guard (PGP implementáció)
*[GPS]: Global Positioning System - Globális Helymeghatározó Rendszer
*[GUI]: Graphical User Interface - Grafikus Felhasználói Felület
*[GnuPG]: GNU Privacy Guard (PGP implementáció)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol - Internet Üzenet-Hozzáférési Protokoll
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers - Internet Szolgáltatók
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier - Mobil Berendezés Azonosító
*[MFA]: Multi-Factor Authentication - Többlépcsős Hitelesítés
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol - Hálózati Idő Protokoll
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol - Online Tanúsítvány Státusz Protokoll
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System - Operációs Rendszer
*[OTP]: One-Time Password - Egyszer Használható Jelszó
*[OTPs]: One-Time Passwords - Egyszer Használható Jelszavak
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information - Személyazonosításra Alkalmas Információ
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (felhőszoftver)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.id.txt b/includes/abbreviations.id.txt
index 16bff7fd..9d6165b3 100644
--- a/includes/abbreviations.id.txt
+++ b/includes/abbreviations.id.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project
*[ATA]: Advanced Technology Attachment
-*[attack surface]: The total number of possible entry points for unauthorized access to a system.
+*[attack surface]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Kelompok Kontrol
*[CLI]: Antarmuka Baris Perintah
*[CSV]: Nilai yang Dipisahkan dengan Koma
*[CVE]: Common Vulnerabilities and Exposures
-*[pola gelap]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[pola gelap]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS over HTTPS
*[DoQ]: DNS melalui QUIC
*[DoH3]: DNS melalui HTTP/3
*[DoT]: DNS melalui TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: Enkripsi Ujung ke Ujung/Terenkripsi
*[ECS]: Subnet Klien EDNS
*[EEA]: Wilayah Ekonomi Eropa
-*[entropi]: A measurement of how unpredictable something is.
+*[entropi]: A measurement of how unpredictable something is
*[EOL]: Akhir Masa Pakai
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online (Identitas Daring Cepat)
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: Peraturan Perlindungan Data Umum (Uni Eropa)
*[GPG]: GNU Privacy Guard (implementasi PGP)
*[GPS]: Global Positioning System
*[GUI]: Graphical User Interface
*[GnuPG]: GNU Privacy Guard (implementasi PGP)
*[HDD]: Penyimpanan Hard Disk
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Protokol Transfer Hiperteks
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: Identitas Peralatan Seluler Internasional
@@ -49,19 +49,22 @@
*[ISPs]: Penyedia Layanan Internet
*[JNI]: Antarmuka Asli Java
*[KYC]: Kenali Pelanggan Anda
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Kontrol Akses Media
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Pengidentifikasi Peralatan Seluler
*[MFA]: Autentikasi Multifaktor
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Protokol Waktu Jaringan
*[OCI]: Inisiatif Kontainer Terbuka
*[OCSP]: Protokol Status Sertifikat Daring
*[OEM]: Produsen Peralatan Asli
*[OEMs]: Produsen Peralatan Asli
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Sistem Operasi
*[OTP]: Kata Sandi Sekali Pakai
*[OTPs]: Kata Sandi Sekali Pakai
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Modul Otentikasi Linux yang Dapat Dicolokkan
*[POP3]: Protokol Kantor Pos 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Informasi Identifikasi Pribadi
*[QNAME]: Nama yang Memenuhi Syarat
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rilis bergulir]: Updates which are released frequently rather than at set intervals.
+*[rilis bergulir]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Linux yang Ditingkatkan Keamanannya
*[SIM]: Modul Identitas Pelanggan
@@ -83,10 +86,12 @@
*[SNI]: Indikasi Nama Server
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Perangkat lunak sebagai layanan (perangkat lunak awan)
*[SoC]: Sistem pada Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Protokol Kontrol Transmisi
*[TEE]: Lingkungan Eksekusi Terpercaya
*[TLS]: Keamanan Lapisan Transportasi
diff --git a/includes/abbreviations.it.txt b/includes/abbreviations.it.txt
index f33fa45a..ad888694 100644
--- a/includes/abbreviations.it.txt
+++ b/includes/abbreviations.it.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project
*[ATA]: Allegato tecnologico avanzato
-*[superficie di attacco]: The total number of possible entry points for unauthorized access to a system.
+*[superficie di attacco]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Gruppo di Controllo
*[CLI]: Interfaccia a linea di comando
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: Crittografia/Crittografato end-to-end
*[ECS]: Sottorete client EDNS
*[EEA]: Spazio economico europeo
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: Fine del Supporto
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Crittografia Completa del Disco
*[FIDO]: Fast Identity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: Regolamento generale per la protezione dei dati personali
*[GPG]: GNU Privacy Guard (implementazione PGP)
*[GPS]: Global Positioning System
*[GUI]: Interfaccia grafica utente
*[GnuPG]: GNU Privacy Guard (implementazione PGP)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Fornitori di servizi Internet
*[JNI]: Java Native Interface
*[KYC]: Conosci Il Tuo Cliente
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Autenticazione a più fattori
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Produttore di apparecchiature originali
*[OEMs]: Produttori di apparecchiature originali
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Sistema Operativo
*[OTP]: Password monouso
*[OTPs]: Password monouso
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (software cloud)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.ja.txt b/includes/abbreviations.ja.txt
index 110cd52c..6fa09225 100644
--- a/includes/abbreviations.ja.txt
+++ b/includes/abbreviations.ja.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android オープンソース プロジェクト(Android Open Source Project)
*[ATA]: Advanced Technology Attachment
-*[攻撃対象領域]: The total number of possible entry points for unauthorized access to a system.
+*[攻撃対象領域]: The total number of possible entry points for unauthorized access to a system
*[AVB]: 確認付きブート(Android Verified Boot)
*[cgroups]: Control Groups
*[CLI]: コマンドライン インターフェース
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: ドメインネームシステム
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: エンドツーエンド暗号化(End-to-End Encryption/Encrypted)
*[ECS]: EDNSクライアントサブネット(EDNS Client Subnet)
*[EEA]: 欧州経済領域
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: サポート終了(End-of-Life)
*[Exif]: 交換可能な画像ファイル形式(Exchangeable image file format)
*[FCM]: Firebaseクラウドメッセージング
*[FDE]: フルディスク暗号化(Full Disk Encryption)
*[FIDO]: Fast IDentity Online
*[FS]: 前方秘匿性(Forward Secrecy)
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: EU一般データ保護規則(General Data Protection Regulation)
*[GPG]: GNU Privacy Guard(PGPの実装)
*[GPS]: 全地球測位システム(Global Positioning System)
*[GUI]: グラフィカルユーザーインターフェース
*[GnuPG]: GNU Privacy Guard(PGPの実装)
*[HDD]: ハードディスクドライブ
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: ハイパーテキスト転送プロトコル(Hypertext Transfer Protocol)
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol(インターネットメッセージアクセスプロトコル)
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: インターネットサービスプロバイダー(Internet Service Providers)
*[JNI]: Javaネイティブインターフェース
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: メディア・アクセス・コントロール
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: 多要素認証(Multi-Factor Authentication)
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: ネットワークタイムプロトコル
*[OCI]: Open Container Initiative
*[OCSP]: オンライン証明書ステータスプロトコル(Online Certificate Status Protocol)
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: オペレーティングシステム(Operating System)
*[OTP]: ワンタイムパスワード
*[OTPs]: ワンタイムパスワード
@@ -69,12 +72,12 @@
*[P2P]: ピアツーピア
*[PAM]: Linuxプラグイン式認証モジュール
*[POP3]: Post Office Protocol 3(電子メール受信用プロトコル)
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: 個人を特定できる情報(Personally Identifiable Information)
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[ローリング・リリース]: Updates which are released frequently rather than at set intervals.
+*[ローリング・リリース]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: 加入者識別モジュール
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: ソリッドステートドライブ
*[SSH]: セキュアシェル(Secure Shell)
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: サービスとしてのソフトウェア(クラウドソフトウェア、Software as a Service)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: トランスミッション・コントロール・プロトコル(Transmission Control Protocol)
*[TEE]: 信頼された実行環境(Trusted Execution Environment)
*[TLS]: トランスポートレイヤーセキュリティー(Transport Layer Security)
diff --git a/includes/abbreviations.ko.txt b/includes/abbreviations.ko.txt
index 5cdd8b61..51370d5b 100644
--- a/includes/abbreviations.ko.txt
+++ b/includes/abbreviations.ko.txt
@@ -2,42 +2,42 @@
*[ADB]: Android 디버그 브리지
*[AOSP]: Android 오픈소스 프로젝트
*[ATA]: 고급 기술 결합(Advanced Technology Attachment)
-*[공격 표면]: The total number of possible entry points for unauthorized access to a system.
+*[공격 표면]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android 자체 검사 부팅
*[cgroups]: Control Groups
*[CLI]: 명령어 인터페이스
*[CSV]: Comma-Separated Values
*[CVE]: 공통 보안 취약점 및 노출(Common Vulnerabilities and Exposures)
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: DNS Security Extensions
*[DNS]: 도메인 네임 시스템
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: 종단 간 암호화(End-to-End Encryption/Encrypted)
*[ECS]: EDNS 클라이언트 서브넷
*[EEA]: 유럽 경제 지역
-*[엔트로피]: A measurement of how unpredictable something is.
+*[엔트로피]: A measurement of how unpredictable something is
*[EOL]: 지원 종료 (End-of-Life)
*[Exif]: 교환 이미지 파일 형식(Exchangeable image file format)
*[FCM]: Firebase 클라우드 메시징
*[FDE]: 전체 디스크 암호화
*[FIDO]: Fast IDentity Online
*[FS]: 순방향 비밀성
-*[포크]: A new software project created by copying an existing project and adding to it independently.
+*[포크]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: 유럽 연합 일반 데이터 보호 규칙(General Data Protection Regulation)
*[GPG]: GNU Privacy Guard (PGP 구현체)
*[GPS]: Global Positioning System
*[GUI]: 그래픽 사용자 인터페이스
*[GnuPG]: GNU Privacy Guard (PGP 구현체)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: 하이퍼텍스트 보안 전송 프로토콜
*[HTTP]: 하이퍼텍스트 전송 프로토콜
-*[하이퍼바이저]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[하이퍼바이저]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: 인터넷 메시지 접속 프로토콜(Internet Message Access Protocol)
*[IMEI]: 국제 이동 단말기 식별 번호(International Mobile Equipment Identity)
@@ -49,19 +49,22 @@
*[ISPs]: 인터넷 서비스 제공자 (Internet service providers)
*[JNI]: Java Native Interface
*[KYC]: 고객 확인 제도
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: 이동 장비 식별 번호(Mobile Equipment Identifier)
*[MFA]: 다중 인증
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: 네트워크 타임 프로토콜(Network Time Protocol)
*[OCI]: Open Container Initiative
*[OCSP]: 온라인 인증서 상태 프로토콜(Online Certificate Status Protocol)
*[OEM]: 주문자 상표 부착 생산
*[OEMs]: 주문자 상표 부착 생산
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: 운영 체제
*[OTP]: 일회용 비밀번호
*[OTPs]: 일회용 비밀번호
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: 장착형 인증 모듈
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: 개인 식별 정보(Personally Identifiable Information)
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[롤링 릴리스]: Updates which are released frequently rather than at set intervals.
+*[롤링 릴리스]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: 보안 강화 리눅스(Security-Enhanced Linux)
*[SIM]: 가입자 식별 모듈(Subscriber Identity Module)
@@ -83,10 +86,12 @@
*[SNI]: 서버 이름 표시(Server Name Indication)
*[SSD]: Solid-State Drive
*[SSH]: 보안 셸(Secure Shell)
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: 서비스형 소프트웨어 (클라우드 기반 소프트웨어)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: 전송 제어 프로토콜
*[TEE]: 신뢰 실행 환경(Trusted Execution Environment)
*[TLS]: 전송 계층 보안
diff --git a/includes/abbreviations.ku-IQ.txt b/includes/abbreviations.ku-IQ.txt
index d8a21651..de1c9c55 100644
--- a/includes/abbreviations.ku-IQ.txt
+++ b/includes/abbreviations.ku-IQ.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project
*[ATA]: Advanced Technology Attachment
-*[attack surface]: The total number of possible entry points for unauthorized access to a system.
+*[attack surface]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: Command Line Interface
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: End-to-End Encryption/Encrypted
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: End-of-Life
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (PGP implementation)
*[GPS]: Global Positioning System
*[GUI]: Graphical User Interface
*[GnuPG]: GNU Privacy Guard (PGP implementation)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Factor Authentication
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: One-Time Password
*[OTPs]: One-Time Passwords
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.nl.txt b/includes/abbreviations.nl.txt
index fd3bb3d7..04d34662 100644
--- a/includes/abbreviations.nl.txt
+++ b/includes/abbreviations.nl.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android opensource project
*[ATA]: Advanced Technology Attachment
-*[aanvalsoppervlakte]: The total number of possible entry points for unauthorized access to a system.
+*[aanvalsoppervlakte]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: Command Line Interface
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: End-to-End Encryption/Encrypted
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: End-of-Life
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (PGP implementation)
*[GPS]: Global Positioning System
*[GUI]: Graphical User Interface
*[GnuPG]: GNU Privacy Guard (PGP implementation)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer (ken uw klant)
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multifactor-authenticatie
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: One-Time Password
*[OTPs]: One-Time Passwords
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.pl.txt b/includes/abbreviations.pl.txt
index 50e61773..0c96479e 100644
--- a/includes/abbreviations.pl.txt
+++ b/includes/abbreviations.pl.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project
*[ATA]: Advanced Technology Attachment
-*[Możliwości ataku]: The total number of possible entry points for unauthorized access to a system.
+*[Możliwości ataku]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Grupa kontrolna
*[CLI]: Interfejs wiersza poleceń
*[CSV]: Wartości rozdzielone przecinkiem
*[CVE]: Typowe podatności i zagrożenia
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Rozszerzenie zabezpieczeń dla systemu DNS
*[DNS]: System nazw domen
*[DoH]: DNS przez HTTPS
*[DoQ]: DNS przez QUIC
*[DoH3]: DNS przez HTTP/3
*[DoT]: DNS przez TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: Kompleksowe szyfrowanie/szyfrowanie
*[ECS]: Podsieć klienta EDNS
*[EEA]: Europejski Obszar Gospodarczy
-*[entropia]: A measurement of how unpredictable something is.
+*[entropia]: A measurement of how unpredictable something is
*[EOL]: Koniec życia
*[Exif]: Wymienny format pliku obrazu
*[FCM]: Wiadomości w chmurze Firebase
*[FDE]: Pełne szyfrowanie dysku
*[FIDO]: Szybka tożsamość online
*[FS]: Utajnianie z wyprzedzeniem
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[RODO]: Ogólne rozporządzenie o ochronie danych
*[GPG]: Oprogramowanie kryptograficzne PGP
*[GPS]: Globalny system pozycjonowania
*[GUI]: Graficzny Interfejs Użytkownika
*[GnuPG]: Oprogramowanie kryptograficzne PGP
*[HDD]: Dysk twardy
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Bezpieczny protokół przesyłania
*[HTTP]: Podstawowy protokół przesyłania
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Identyfikator karty układu scalonego
*[IMAP]: Protokół dostępu do wiadomości internetowych
*[IMEI]: Indywidualny numer identyfikacyjny telefonu komórkowego
@@ -49,19 +49,22 @@
*[ISPs]: Dostawcy usług internetowych
*[JNI]: Natywny interfejs Java
*[KYC]: Poznaj swojego klienta
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Kontrola dostępu
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Identyfikator sprzętu mobilnego
*[MFA]: Uwierzytelnianie wieloskładnikowe
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Protokół czasu sieciowego
*[OCI]: Open Container Initiative
*[OCSP]: Stan certyfikatu online
*[OEM]: Producent oryginalnego sprzętu
*[OEMs]: Producenci oryginalnego sprzętu
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: System operacyjny
*[OTP]: Jednorazowe hasło
*[OTPs]: Jednorazowe hasła
@@ -69,12 +72,12 @@
[P2P]: Peer-to-Peer
*[PAM]: Moduły uwierzytelniania w systemie Linux
*[POP3]: Protokół pocztowy 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Informacje umożliwiające identyfikację osoby
*[QNAME]: Nazwa kwalifikowana
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Linux o zwiększonym bezpieczeństwie
*[SIM]: Moduł identyfikacji abonenta
@@ -83,10 +86,12 @@
*[SNI]: Wskazanie nazwy serwera
*[SSD]: Dysk SSD
*[SSH]: Bezpieczna powłoka
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Oprogramowanie jako usługa (oprogramowanie w chmurze)
*[SoC]: System na chipie
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Protokół sterowania transmisją
*[TEE]: Środowisko zaufanego wykonania
*[TLS]: Bezpieczeństwo warstwy transportowej
diff --git a/includes/abbreviations.pt-BR.txt b/includes/abbreviations.pt-BR.txt
index 5389c3c2..70cd9baf 100644
--- a/includes/abbreviations.pt-BR.txt
+++ b/includes/abbreviations.pt-BR.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Projeto Open Source Android
*[ATA]: Acessório de tecnologia avançada
-*[superfície de ataque]: The total number of possible entry points for unauthorized access to a system.
+*[superfície de ataque]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Inicialização Verificada do Android
*[cgroups]: Grupos de Controle
*[CLI]: Interface de Linha de Comando
*[CSV]: Valores Separados por Vírgulas
*[CVE]: Vulnerabilidades e Exposições Comuns
-: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Extensões de Segurança do Sistema de Nomes de Domínio
*[DNS]: Sistema de Nomes de Domínio
*[DoH]: DNS sobre HTTPS
*[DoQ]: DNS sobre QUIC
*[DoH3]: DNS sobre HTTP/3
*[DoT]: DNS sobre TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: Criptografia/Criptografia ponto-a-ponto
*[ECS]: Sub-rede de clientes EDNS
*[EEA]: Espaço Econômico Europeu
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: Fim da vida útil
*[Exif]: Formato de arquivo de imagem intercambiável
*[FCM]: Firebase Cloud Messaging
*[FDE]: Criptografia total de disco
*[FIDO]: Fast IDentity Online
*[FS]: Sigilo de encaminhamento
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: Regulamento Geral de Proteção de Dados
*[GPG]: GNU Privacy Guard (implementação do PGP)
*[GPS]: Sistema de Posicionamento Global
*[GUI]: Interface Gráfica do Usuário
*[GnuPG]: GNU Privacy Guard (implementação do PGP)
*[HDD]: Disco Rígido
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Protocolo de Acesso a Mensagens da Internet
*[IMEI]: Identificação Internacional de Equipamento Móvel
@@ -49,19 +49,22 @@
*[ISPs]: Provedores de Internet
*[JNI]: Java Native Interface
*[KYC]: Conheça seu cliente
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Controle de Acesso ao Meio
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Autenticação de Múltiplos Fatores
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Protocolo de Tempo Rede
*[OCI]: Iniciativa Open Container
*[OCSP]: Protocolo de Status de Certificado Online
*[OEM]: Fabricante do Equipamento Original
*[OEMs]: Fabricantes de Equipamentos Originais
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Sistema Operacional
*[OTP]: Senha de uso único
*[OTPs]: Senhas de uso único
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Informações Pessoalmente Identificáveis
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[limites de taxa]: Limites de taxa são restrições que um serviço impõe ao número de vezes que um usuário pode acessar seus serviços em um período de tempo específico.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Sindicação bem simples
*[SELinux]: Segurança aprimorada do Linux
*[SIM]: Módulo de Identidade do Assinante
@@ -83,10 +86,12 @@
*[SNI]: Indicação do Nome do Servidor
*[SSD]: Disco de Estado Sólido
*[SSH]: Shell Seguro
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software como um Serviço (software em nuvem)
*[SoC]: Sistema em um Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Protocolo de Controle de Transmissão
*[TEE]: Ambiente de Execução Confiável
*[TLS]: Segurança da Camada de Transporte
diff --git a/includes/abbreviations.pt.txt b/includes/abbreviations.pt.txt
index 316632be..8a244cf9 100644
--- a/includes/abbreviations.pt.txt
+++ b/includes/abbreviations.pt.txt
@@ -2,42 +2,42 @@
*[ADB]: Bridge de depuração Android
*[AOSP]: Projeto de código aberto Android
*[ATA]: Anexo de tecnologia avançada
-*[superfície de ataque]: The total number of possible entry points for unauthorized access to a system.
+*[superfície de ataque]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Boot verificado de Android
*[cgroups]: Grupo de controle
*[CLI]: Interface de Linha de Comando
*[CSV]: Valores separados por vírgulas
*[CVE]: Vulnerabilidades e exposições comuns
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Extensões de segurança do sistema de nomes de domínio
*[DNS]: Sistema de nomes de domínio
*[DoH]: DNS sobre HTTPS
*[DoQ]: DNS sobre QUIC
*[DoH3]: DNS sobre HTTP/3
*[DoT]: DNS sobre TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: Encriptação ponta-a-ponta/Encriptado
*[ECS]: Sub-rede do cliente EDNS
*[EEA]: Espaço Económico Europeu
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: Expiração
*[Exif]: Formato de ficheiro de imagem intercambiável
*[FCM]: Mensagens em nuvem do Firebase
*[FDE]: Encriptação completa do disco
*[FIDO]: Identidade rápida online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: Regulamento Geral de Proteção de Dados (RGPD)
*[GPG]: GNU Privacy Guard (implementação do PGP)
*[GPS]: Sistema de Posicionamento Global
*[GUI]: Interface gráfica do utilizador
*[GnuPG]: GNU Privacy Guard (implementação do PGP)
*[HDD]: Disco rígido
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Protocolo de transferência de hipertexto seguro
*[HTTP]: Protocolo de transferência de hipertexto
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Identificador de cartão de circuito integrado
*[IMAP]: Protocolo de acesso a mensagens da Internet
*[IMEI]: Identidade Internacional de Equipamento Móvel
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers – Fornecedores de Internet
*[JNI]: Interface nativa Java
*[KYC]: Conheça o seu cliente
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Controle de Acesso Mídia
*[MDAG]: Proteção de aplicações do Microsoft Defender
*[MEID]: Identificador de equipamento móvel
*[MFA]: Autenticação multi-fator
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Protocolo de Tempo de Rede
*[OCI]: Iniciativa "Recipientes Abertos"
*[OCSP]: Protocolo de Status de Certificados Online
*[OEM]: Fabricante de equipamento original
*[OEMs]: Fabricantes de equipamento original
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Sistema operativo
*[OTP]: Palavra-passe de utilização única
*[OTPs]: Palavra-passe de utilização única
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Módulos de autenticação plugáveis Linux
*[POP3]: Protocolo de Correio 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Informações pessoais identificáveis
*[QNAME]: Nome qualificado
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Linux com segurança reforçada
*[SIM]: Módulo de identidade do assinante
@@ -83,10 +86,12 @@
*[SNI]: Indicação do nome do servidor
*[SSD]: Unidade de disco de estado sólido
*[SSH]: Shell seguro
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software como serviço (software em nuvem)
*[SoC]: Sistema em chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Protocolo de Controlo de Transmissão
*[TEE]: Ambiente de execução fiável
*[TLS]: Segurança da camada de transporte
diff --git a/includes/abbreviations.ru.txt b/includes/abbreviations.ru.txt
index ee1e4d2f..e006b867 100644
--- a/includes/abbreviations.ru.txt
+++ b/includes/abbreviations.ru.txt
@@ -2,42 +2,42 @@
*[ADB]: (англ. Android Debug Bridge) - Отладочный мост Android
*[AOSP]: (англ. Android Open Source Project) - Проект с открытым исходным кодом Android
*[ATA]: (англ. Advanced Technology Attachment) - Интерфейс подключения накопителей к компьютеру
-*[поверхность атаки]: The total number of possible entry points for unauthorized access to a system.
+*[поверхность атаки]: The total number of possible entry points for unauthorized access to a system
*[AVB]: (англ. Android Verified Boot) - Проверенная загрузка Android
*[cgroups]: (англ. Control Groups) - Контрольные группы
*[CLI]: (англ. Command-line interface) - Интерфейс командной строки
*[CSV]: Comma-Separated Values, формат таблиц
*[CVE]: Common Vulnerabilities and Exposures
-*[тёмный паттерн]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[тёмный паттерн]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: (англ. Domain Name System Security Extensions) - Модули безопасности службы доменных имен
*[DNS]: (англ. Domain Name System) - Система доменных имен
*[DoH]: DNS через HTTPS
*[DoQ]: DNS через QUIC
*[DoH3]: DNS через HTTP/3
*[DoT]: DNS через TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: (англ. End-to-End Encryption) - Сквозное шифрование
*[ECS]: Подсеть клиента EDNS
*[ЕЭЗ]: Европейская экономическая зона
-*[энтропия]: A measurement of how unpredictable something is.
+*[энтропия]: A measurement of how unpredictable something is
*[EOL]: (англ. End-of-Life) - Конец поддержки
*[Exif]: (англ. Exchangeable image file format) - Метаданные в фотографиях или видео
*[FCM]: (англ. Firebase Cloud Messaging) - Сервис для отправки push-уведомлений и сообщений
*[FDE]: (англ. Full Disk Encryption) - Полное шифрование диска
*[FIDO]: (англ. Fast IDentity Online) - Стандарт для быстрой и безопасной аутентификации онлайн
*[ПС]: Прямая секретность (Forward Secrecy)
-*[форк]: A new software project created by copying an existing project and adding to it independently.
+*[форк]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: (англ. General Data Protection Regulation) - Это регламент ЕС, направленный на защиту персональных данных
*[GPG]: GNU Privacy Guard (реализация PGP)
*[GPS]: Глобальная система позиционирования
*[GUI]: Графический пользовательский интерфейс
*[GnuPG]: GNU Privacy Guard (реализация PGP)
*[HDD]: Жесткий диск
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Безопасный протокол передачи гипертекста
*[HTTP]: Протокол передачи гипертекста
-*[гипервизор]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[гипервизор]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Протокол доступа к сообщениям в интернете
*[IMEI]: Международная идентификация мобильного оборудования
@@ -49,19 +49,22 @@
*[ISPs]: Интернет-провайдеры
*[JNI]: Нативный интерфейс Java
*[KYC]: Знай своего клиента (Know Your Customer)
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Управление доступом к среде
*[MDAG]: Защита приложений при помощи Microsoft Defender
*[MEID]: Идентификатор мобильного оборудования
*[MFA]: Многофакторная аутентификация
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Сетевой протокол времени
*[OCI]: Инициатива, которая создаёт открытые стандарты для контейнеров
*[OCSP]: Протокол состояния сетевого сертификата
*[OEM]: Оригинальный производитель оборудования
*[OEMs]: Оригинальные производители оборудования
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[ОС]: Операционная система
*[OTP]: Одноразовый пароль (One-Time Password)
*[OTPs]: Одноразовые пароли (One-Time Passwords)
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Подключаемые модули аутентификации Linux
*[POP3]: Протокол почтового отделения версии 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[ПД]: Персональные данные
*[QNAME]: Квалифицированное имя элемента, атрибута или идентификатора в документе XML
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Ограничения на количество запросов или действий, которые можно выполнить в определенный период времени.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Способ распространения лент новостей или изменений в блогах
*[SELinux]: Linux с повышенной безопасностью
*[SIM]: Модуль идентификации абонента
@@ -83,10 +86,12 @@
*[SNI]: Индикация имени сервера
*[SSD]: Твердотельный накопитель
*[SSH]: Безопасная оболочка
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Программное обеспечение как услуга (облачное программное обеспечение)
*[SoC]: Система на кристалле (System on Chip)
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Протокол управления передачей данных
*[TEE]: Доверенная среда исполнения
*[TLS]: Протокол защиты транспортного уровня
diff --git a/includes/abbreviations.sv.txt b/includes/abbreviations.sv.txt
index 9591f871..2cb3b9ba 100644
--- a/includes/abbreviations.sv.txt
+++ b/includes/abbreviations.sv.txt
@@ -2,42 +2,42 @@
*[ADB]: Felsökning av Android
*[AOSP]: Android Open Source-projekt
*[ATA]: Avancerad teknikbilaga
-*[attackyta]: The total number of possible entry points for unauthorized access to a system.
+*[attackyta]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android verifierad uppstart
*[cgroups]: Kontrollgrupper
*[CLI]: Kommandoradsgränssnitt
*[CSV]: Kommaseparerade värden
*[CVE]: Vanliga sårbarheter och exponeringar
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Säkerhetstillägg för domännamnssystem
*[DNS]: Domännamnssystem
*[DoH]: DNS över HTTPS
*[DoQ]: DNS över QUIC
*[DoH3]: DNS över HTTPS
*[DoT]: DNS över TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: End-to-End-kryptering/krypterad
*[ECS]: EDNS Client Subnet
*[EEA]: Europeiska ekonomiska samarbetsområdet
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: Slutet av livslängden
*[Exif]: Utbytbart bildfilformat
*[FCM]: Firebase Cloud Messaging
*[FDE]: Fullständig diskkryptering
*[FIDO]: Snabb IDentitet online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: Allmän dataskyddsförordning
*[GPG]: GNU Privacy Guard (PGP-implementering)
*[GPS]: Globalt positioneringssystem
*[GUI]: Grafiskt användargränssnitt
*[GnuPG]: GNU Privacy Guard (PGP-implementering)
*[HDD]: Hårddisk
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Säkert
*[HTTP]: Hypertextöverföringsprotokoll
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Identifierare för integrerat kretskort
*[IMAP]: Protokoll för åtkomst till Internetmeddelanden
*[IMEI]: Internationell identitet för mobil utrustning
@@ -49,19 +49,22 @@
*[ISPs]: Internetleverantör
*[JNI]: Java inbyggt gränssnitt
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Medieåtkomstkontroll
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Identifiering av mobil utrustning
*[MFA]: Multi-Faktor Autentisering
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Nätverkstidsprotokoll
*[OCI]: Initiativ för öppna behållare
*[OCSP]: Certifikatstatus online
*[OEM]: Originalutrustningstillverkare
*[OEMs]: Originalutrustningstillverkare
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operativsystem
*[OTP]: Engångslösenord
*[OTPs]: Engångslösenord
@@ -69,12 +72,12 @@
*[P2P]: Peer-To-Peer
*[PAM]: Linux Pluggable autentiseringsmoduler
*[POP3]: Postkontorets protokoll 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personligt identifierbar information
*[QNAME]: Kvalificerat namn
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rullande utgåva]: Updates which are released frequently rather than at set intervals.
+*[rullande utgåva]: Updates which are released frequently rather than set intervals
*[RSS]: Riktigt enkel syndikering
*[SELinux]: Linux med förbättrad säkerhet
*[SIM]: Modul för abonnentidentitet
@@ -83,10 +86,12 @@
*[SNI]: Serverns namnindikering
*[SSD]: Ssd-disk
*[SSH]: Säkert skal
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Programvara som tjänst (molnprogramvara)
*[SoC]: System på chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Protokoll för överföringskontroll
*[TEE]: Miljö för tillförlitlig utförande
*[TLS]: Säkerhet för transportlager
diff --git a/includes/abbreviations.tr.txt b/includes/abbreviations.tr.txt
index 3a217efe..4cd621b3 100644
--- a/includes/abbreviations.tr.txt
+++ b/includes/abbreviations.tr.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Hata Ayıklama Köprüsü
*[AOSP]: Android Açık Kaynak Projesi
*[ATA]: İleri Teknoloji Eklentisi
-*[saldırı yüzeyi]: The total number of possible entry points for unauthorized access to a system.
+*[saldırı yüzeyi]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Onaylanmış Önyükleme
*[cgroups]: Kontrol Grupları
*[CLI]: Komut Satırı Arayüzü
*[CSV]: CSV Dosyası
*[CVE]: Yaygın Zafiyetler ve Açıklar
-*[karanlık desen]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[karanlık desen]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Alan Adı Sistemi Güvenlik Eklentileri
*[DNS]: Alan Adı Sistemi
*[DoH]: HTTPS üzerinden DNS
*[DoQ]: QUIC üzerinden DNS
*[DoH3]: HTTP/3 üzerinden DNS
*[DoT]: TLS üzerinden DNS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: Uçtan Uca Şifreleme/Şifreli
*[ECS]: EDNS İstemci Alt Ağı
*[AEA]: Avrupa Ekonomik Alanı
-*[entropi]: A measurement of how unpredictable something is.
+*[entropi]: A measurement of how unpredictable something is
*[EOL]: Kullanım Ömrü Sonu
*[Exif]: Değişebilir görüntü dosyası biçimi
*[FCM]: Firebase Cloud Messaging
*[FDE]: Tam Disk Şifreleme
*[FIDO]: Fast IDentity Online
*[FS]: İleriye dönük gizlilik
-*[çatal]: A new software project created by copying an existing project and adding to it independently.
+*[çatal]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: Genel Veri Koruma Tüzüğü
*[GPG]: GNU Privacy Guard (PGP uygulaması)
*[GPS]: Küresel Konum Belirleme Sistemi
*[GUI]: Grafik Kullanıcı Arayüzü
*[GnuPG]: GNU Privacy Guard (PGP uygulaması)
*[HDD]: Sabit Disk Sürücüsü
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Güvenli Hiper Metin Transfer Protokolü
*[HTTP]: Hiper Metin Transfer Protokolü
-*[hipervizör]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hipervizör]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Entegre Devre Kartı Tanımlayıcısı
*[IMAP]: İnternet Mesaj Erişim Protokolü
*[IMEI]: Uluslararası Mobil Cihaz Kodu
@@ -49,19 +49,22 @@
*[İSS'ler]: İnternet Servis Sağlayıcıları
*[JNI]: Java Yerel Arayüzü
*[KYC]: Müşterini Tanı
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Ortam Erişim Yönetimi
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobil Ekipman Tanımlayıcı
*[MFA]: Çok Faktörlü Kimlik Doğrulama
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Ağ Zaman Protokolü
*[OCI]: Açık Konteyner Girişimi
*[OCSP]: Çevrimiçi Sertifika Durum Protokolü
*[OEM]: Orijinal Ürün Üreticisi
*[OEM'ler]: Orijinal Ürün Üreticiler
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[İS]: İşletim Sistemi
*[OTP]: Tek Seferlik Parola
*[OTP'ler]: Tek Seferlik Parolalar
@@ -69,12 +72,12 @@
*[P2P]: Eşler Arası
*[PAM]: Linux Takılabilir Kimlik Doğrulama Modülleri
*[POP3]: Postane Protokolü 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Kişiyi Tanımlamak İçin Kullanılan Bilgiler
*[QNAME]: Nitelikli Ad
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[oran sınırları]: Ücret sınırları, bir hizmetin, bir kullanıcının belirli bir süre içinde hizmetlerine kaç kez erişebileceği konusunda getirdiği kısıtlamalardır.
-*[yuvarlanan sürüm]: Updates which are released frequently rather than at set intervals.
+*[yuvarlanan sürüm]: Updates which are released frequently rather than set intervals
*[RSS]: Gerçekten Basit Dağıtım
*[SELinux]: Güvenliği Geliştirilmiş Linux
*[SIM]: Abone Kimlik Modülü
@@ -83,10 +86,12 @@
*[SNI]: Sunucu Adı Göstergesi
*[SSD]: Katı Hâl Sürücüsü
*[SSH]: Güvenli Kabuk
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Hizmet Olarak Yazılım (bulut yazılım)
*[SoC]: Yongada Sistem
-*[TOA]: Single Sign-On
+*[TOA]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: İletim Kontrol Protokolü
*[TEE]: Güvenilir Yürütme Ortamı
*[TLS]: Taşıma Katmanı Güvenliği
diff --git a/includes/abbreviations.uk.txt b/includes/abbreviations.uk.txt
index c4422818..1c799a08 100644
--- a/includes/abbreviations.uk.txt
+++ b/includes/abbreviations.uk.txt
@@ -2,42 +2,42 @@
*[ADB]: Налагоджувальний міст для Android (Android Debugging Bridge)
*[AOSP]: Проект з відкритим вихідним кодом Android (Android Open Source Project)
*[ATA]: Передове технологічне обладнання (Advanced Technology Attachment)
-*[поверхня атаки]: The total number of possible entry points for unauthorized access to a system.
+*[поверхня атаки]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Перевірене завантаження Android (Android Verified Boot)
*[cgroups]: Контрольні групи Linux (Control Groups)
*[CLI]: Інтерфейс командного рядка (Command Line Interface)
*[CSV]: Значення, розділені комами (Comma-Separated Values)
*[CVE]: Поширені вразливості та ризики (Common Vulnerabilities and Exposures)
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Розширення безпеки системи доменних імен (Domain Name System Security Extensions)
*[DNS]: Система доменних імен (Domain Name System)
*[DoH]: DNS через HTTPS (DNS over HTTPS)
*[DoQ]: DNS через QUIC (DNS over QUIC)
*[DoH3]: DNS через HTTP/3 (DNS over HTTP/3)
*[DoT]: DNS через TLS (DNS over TLS)
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: Наскрізне шифрування/зашифроване (End-to-End Encryption/Encrypted)
*[ECS]: Клієнтська підмережа EDNS (EDNS Client Subnet)
*[EEA]: Європейська економічна зона (European Economic Area)
-*[ентропія]: A measurement of how unpredictable something is.
+*[ентропія]: A measurement of how unpredictable something is
*[EOL]: Кінець життя/терміну служби (End-of-Life)
*[Exif]: Обмінний формат файлів зображень (Exchangeable image file format)
*[FCM]: Хмарний обмін повідомленнями Firebase (Firebase Cloud Messaging)
*[FDE]: Повне шифрування диска (Full Disk Encryption)
*[FIDO]: Швидка ідентифікація особи онлайн (Fast IDentity Online)
*[FS]: Forward Secrecy
-*[форк]: A new software project created by copying an existing project and adding to it independently.
+*[форк]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: Загальний регламент про захист даних ЄС (General Data Protection Regulation)
*[GPG]: GNU Privacy Guard (реалізація PGP)
*[GPS]: Система глобального позиціювання (Global Positioning System)
*[GUI]: Графічний інтерфейс користувача (Graphical User Interface)
*[GnuPG]: GNU Privacy Guard (реалізація PGP)
*[HDD]: Жорсткий диск (Hard Disk Drive)
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Безпечний протокол передачі гіпертексту (Hypertext Transfer Protocol Secure)
*[HTTP]: Протокол передачі гіпертексту (Hypertext Transfer Protocol)
-*[гіпервізор]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[гіпервізор]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Ідентифікатор плати інтегральної мікросхеми (Integrated Circuit Card Identifier)
*[IMAP]: Протокол доступу до Інтернет-повідомлень (Internet Message Access Protocol)
*[IMEI]: Міжнародний ідентифікатор мобільного обладнання (International Mobile Equipment Identity)
@@ -49,19 +49,22 @@
*[ISPs]: Інтернет-провайдери (Internet Service Providers)
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Factor Authentication
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: One-Time Password
*[OTPs]: One-Time Passwords
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.vi.txt b/includes/abbreviations.vi.txt
index d8a21651..de1c9c55 100644
--- a/includes/abbreviations.vi.txt
+++ b/includes/abbreviations.vi.txt
@@ -2,42 +2,42 @@
*[ADB]: Android Debug Bridge
*[AOSP]: Android Open Source Project
*[ATA]: Advanced Technology Attachment
-*[attack surface]: The total number of possible entry points for unauthorized access to a system.
+*[attack surface]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android Verified Boot
*[cgroups]: Control Groups
*[CLI]: Command Line Interface
*[CSV]: Comma-Separated Values
*[CVE]: Common Vulnerabilities and Exposures
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: Domain Name System Security Extensions
*[DNS]: Domain Name System
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: End-to-End Encryption/Encrypted
*[ECS]: EDNS Client Subnet
*[EEA]: European Economic Area
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: End-of-Life
*[Exif]: Exchangeable image file format
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (PGP implementation)
*[GPS]: Global Positioning System
*[GUI]: Graphical User Interface
*[GnuPG]: GNU Privacy Guard (PGP implementation)
*[HDD]: Hard Disk Drive
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: Hypertext Transfer Protocol Secure
*[HTTP]: Hypertext Transfer Protocol
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: Integrated Circuit Card Identifier
*[IMAP]: Internet Message Access Protocol
*[IMEI]: International Mobile Equipment Identity
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: Multi-Factor Authentication
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: Original Equipment Manufacturer
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: Operating System
*[OTP]: One-Time Password
*[OTPs]: One-Time Passwords
@@ -69,12 +72,12 @@
*[P2P]: Peer-to-Peer
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security
diff --git a/includes/abbreviations.zh-Hant.txt b/includes/abbreviations.zh-Hant.txt
index 66e5e5c8..042beb4b 100644
--- a/includes/abbreviations.zh-Hant.txt
+++ b/includes/abbreviations.zh-Hant.txt
@@ -2,42 +2,42 @@
*[ADB]: Android 偵錯橋接器
*[AOSP]: Android 開放原始碼計畫
*[ATA]: 高技術配置
-*[攻擊面]: The total number of possible entry points for unauthorized access to a system.
+*[攻擊面]: The total number of possible entry points for unauthorized access to a system
*[AVB]: Android 驗證啟動
*[cgroups]: 對照組
*[CLI]: 命令列介面
*[CSV]: 字元分隔值
*[CVE]: 公共漏洞和暴露
-*[詐欺性設計模式]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[詐欺性設計模式]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: 網域名稱系統安全擴充套件
*[DNS]: 域名系統
*[DoH]: 基於 HTTPS 的 DNS 服務 (DNS over HTTPS)
*[DoQ]: 基於 QUIC 的 DNS 服務 (DNS over QUIC)
*[DoH3]: 基於 HTTP/3 的 DNS 服務 (DNS over HTTP/3)
*[DoT]: 基於 TLS 的 DNS 服務 (DNS over TLS)
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: 端對端加密
*[ECS]: EDNS 客戶端子網
*[EEA]: 歐洲經濟區
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: 產品壽命結束
*[Exif]: 可交換影像檔案格式
*[FCM]: Firebase 雲端訊息傳遞
*[FDE]: 完整磁碟加密
*[FIDO]: 快速線上身份驗證
*[FS]: 前向保密
-*[分支]: A new software project created by copying an existing project and adding to it independently.
+*[分支]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: 一般資料保護規定 (歐盟)
*[GPG]: GNU Privacy Guard (基於 PGP 協定)
*[GPS]: 全球定位系統
*[GUI]: 圖形使用者介面
*[GnuPG]: GNU Privacy Guard (基於 PGP 協定)
*[HDD]: 傳統硬碟 (又稱機械硬碟)
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: 安全超文本傳輸協議
*[HTTP]: 超文本傳輸協議
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: 集成式迴路卡識別碼
*[IMAP]: 網際網路訊息存取協定
*[IMEI]: 國際行動裝置識別碼
@@ -49,19 +49,22 @@
*[ISPs]: 網際網路服務提供商
*[JNI]: Java 原生介面
*[KYC]: 客戶身分審查
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: 媒體存取控制
*[MDAG]: Microsoft Defender 應用程式防護
*[MEID]: 行動裝置識別碼
*[MFA]: 多重要素驗證
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: 網路時間協定
*[OCI]: 開放容器標準
*[OCSP]: 線上憑證狀態協定
*[OEM]: 原始設備製造商
*[OEMs]: 原始設備製造商
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: 操作系統
*[OTP]: 一次性密碼
*[OTPs]: 一次性密碼
@@ -69,12 +72,12 @@
*[P2P]: 點對點網路 (又稱對等式網路)
*[PAM]: Linux 插入式驗證模組
*[POP3]: 郵局協定第 3 版
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: 個人可識別資訊
*[QNAME]: 限定名稱
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[滾動式更新]: Updates which are released frequently rather than at set intervals.
+*[滾動式更新]: Updates which are released frequently rather than set intervals
*[RSS]: 簡易資訊聚合格式
*[SELinux]: 安全增強型 Linux
*[SIM]: 使用者身分模組
@@ -83,10 +86,12 @@
*[SNI]: 伺服器名稱指示
*[SSD]: 固態硬碟
*[SSH]: 安全殼層
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: 軟體即服務 (雲端軟體)
*[SoC]: 系統晶片
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: 傳輸控制通訊協定
*[TEE]: 受信任執行環境
*[TLS]: 傳輸層安全性
diff --git a/includes/abbreviations.zh.txt b/includes/abbreviations.zh.txt
index b4fc9fbe..3aef4ac2 100644
--- a/includes/abbreviations.zh.txt
+++ b/includes/abbreviations.zh.txt
@@ -2,42 +2,42 @@
*[ADB]: 安卓调试桥接器
*[AOSP]: 安卓开源项目
*[ATA]: 先进技术附件
-*[攻击面]: The total number of possible entry points for unauthorized access to a system.
+*[攻击面]: The total number of possible entry points for unauthorized access to a system
*[AVB]: 安卓验证启动
*[cgroups]: 控制组
*[CLI]: 命令行界面
*[CSV]: 逗号分隔值
*[CVE]: 常见漏洞和风险
-*[dark pattern]: A deceptive design pattern intended to trick a user into taking certain actions.
-*[digital legacy]: A feature that allows you to give other people access to your data when you die.
+*[dark pattern]: A deceptive design pattern intended to trick a user into doing things
+*[digital legacy feature]: Digital Legacy refers to features that allow you to give other people access to your data when you die
*[DNSSEC]: 域名系统安全扩展
*[DNS]: 域名系统
*[DoH]: DNS over HTTPS
*[DoQ]: DNS over QUIC
*[DoH3]: DNS over HTTP/3
*[DoT]: DNS over TLS
-*[DPI]: Deep Packet Inspection
+*[DPI]: Deep Packet Inspection identifies and blocks packet with specific payloads
*[E2EE]: 端到端加密
*[ECS]: EDNS 客户子网
*[EEA]: 欧洲经济区
-*[entropy]: A measurement of how unpredictable something is.
+*[entropy]: A measurement of how unpredictable something is
*[EOL]: 服务终止
*[Exif]: 可交换图片文件格式
*[FCM]: Firebase云消息
*[FDE]: 全盘加密
*[FIDO]: 快速在线身份认证
*[FS]: 前向保密
-*[fork]: A new software project created by copying an existing project and adding to it independently.
+*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: 通用数据保护条例(欧盟)
*[GPG]: GNU Privacy Guard (PGP 实现)
*[GPS]: 全球定位系统
*[GUI]: 图形用户界面
*[GnuPG]: GNU Privacy Guard (PGP 实现)
*[HDD]: 机械硬盘
-*[HOTP]: HMAC (Hash-based Message Authentication Code)-based One-Time Password
+*[HOTP]: HMAC (Hash-based Message Authentication Code) based One-Time Password
*[HTTPS]: 安全超文本传输协议
*[HTTP]: 超文本传输协议
-*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems.
+*[hypervisor]: Computer software, firmware, or hardware that splits the resources of a CPU among multiple operating systems
*[ICCID]: 集成电路卡标识符
*[IMAP]: 互联网消息访问协议
*[IMEI]: 国际移动设备识别码
@@ -49,19 +49,22 @@
*[ISPs]: Internet Service Providers
*[JNI]: Java Native Interface
*[KYC]: Know Your Customer
-*[LUKS]: Linux Unified Key Setup (full disk encryption)
+*[LLaVA]: Large Language and Vision Assistant (multimodal AI model)
+*[LLMs]: Large Language Models (AI models such as ChatGPT)
+*[LUKS]: Linux Unified Key Setup (Full-Disk Encryption)
*[MAC]: Media Access Control
*[MDAG]: Microsoft Defender Application Guard
*[MEID]: Mobile Equipment Identifier
*[MFA]: 多因素认证
-*[NVMe]: Non-Volatile Memory Express
-*[NAT]: Network Address Translation
-*[NAT-PMP]: NAT (Network Address Translation) Port Mapping Protocol
+*[NVMe]: Nonvolatile Memory Express
+*[NAT]: Network address translation
+*[NAT-PMP]: NAT Port Mapping Protocol
*[NTP]: Network Time Protocol
*[OCI]: Open Container Initiative
*[OCSP]: Online Certificate Status Protocol
*[OEM]: 原始设备制造商
*[OEMs]: Original Equipment Manufacturers
+*[open-weights]: An open weights-model is an AI model that anyone can download and use, but for which the underlying training data and/or algorithms are proprietary.
*[OS]: 操作系统
*[OTP]: 一次性口令
*[OTPs]: 一次性口令
@@ -69,12 +72,12 @@
*[P2P]: 点对点传输
*[PAM]: Linux Pluggable Authentication Modules
*[POP3]: Post Office Protocol 3
-*[PGP]: Pretty Good Privacy
+*[PGP]: Pretty Good Privacy (see OpenPGP)
*[PII]: Personally Identifiable Information
*[QNAME]: Qualified Name
-*[QUIC]: A network protocol that is based on UDP, but aims to combine the speed of UDP with the reliability of TCP.
+*[QUIC]: A network protocol based on UDP, but aiming to combine the speed of UDP with the reliability of TCP.
*[rate limits]: Rate limits are restrictions that a service imposes on the number of times a user can access their services within a specified period of time.
-*[rolling release]: Updates which are released frequently rather than at set intervals.
+*[rolling release]: Updates which are released frequently rather than set intervals
*[RSS]: Really Simple Syndication
*[SELinux]: Security-Enhanced Linux
*[SIM]: Subscriber Identity Module
@@ -83,10 +86,12 @@
*[SNI]: Server Name Indication
*[SSD]: Solid-State Drive
*[SSH]: Secure Shell
-*[SUID]: Set User Identity
+*[SUID]: Set Owner User ID
*[SaaS]: Software as a Service (cloud software)
*[SoC]: System on Chip
-*[SSO]: Single Sign-On
+*[SSO]: Single sign-on
+*[system prompt]: The system prompt of an AI chat is the general instructions given by a human to guide how it should operate.
+*[temperature]: AI temperature is a parameter used in AI models to control the level of randomness and creativity in the generated text.
*[TCP]: Transmission Control Protocol
*[TEE]: Trusted Execution Environment
*[TLS]: Transport Layer Security