{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Angriffe](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Diensteanbieter](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/de/file-sharing.md b/i18n/de/file-sharing.md
index cfe78654..25dac445 100644
--- a/i18n/de/file-sharing.md
+++ b/i18n/de/file-sharing.md
@@ -5,6 +5,10 @@ description: Discover how to privately share your files between your devices, wi
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Diensteanbieter](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
## File Sharing
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/de/language-tools.md b/i18n/de/language-tools.md
index 1f6f756c..b69f9ff1 100644
--- a/i18n/de/language-tools.md
+++ b/i18n/de/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/de/mobile-browsers.md b/i18n/de/mobile-browsers.md
index da052642..67d77766 100644
--- a/i18n/de/mobile-browsers.md
+++ b/i18n/de/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. Falls du anonym surfen möchtest, solltest du stattdessen [Tor](tor.md) verwenden.
## Android
diff --git a/i18n/de/mobile-phones.md b/i18n/de/mobile-phones.md
index bbc0202a..47e2b701 100644
--- a/i18n/de/mobile-phones.md
+++ b/i18n/de/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/de/multi-factor-authentication.md b/i18n/de/multi-factor-authentication.md
index 8817eb77..c79a9098 100644
--- a/i18n/de/multi-factor-authentication.md
+++ b/i18n/de/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/de/notebooks.md b/i18n/de/notebooks.md
index d450ba8b..9925863e 100644
--- a/i18n/de/notebooks.md
+++ b/i18n/de/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Diensteanbieter](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Keep track of your notes and journalings without giving them to a third-party.
If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports E2EE.
diff --git a/i18n/de/os/ios-overview.md b/i18n/de/os/ios-overview.md
index bf0425ee..b0c71887 100644
--- a/i18n/de/os/ios-overview.md
+++ b/i18n/de/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/de/passwords.md b/i18n/de/passwords.md
index a7725738..8d633c7a 100644
--- a/i18n/de/passwords.md
+++ b/i18n/de/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Angriffe](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Diensteanbieter](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/de/photo-management.md b/i18n/de/photo-management.md
index 89f3a7d0..c526c59a 100644
--- a/i18n/de/photo-management.md
+++ b/i18n/de/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/de/real-time-communication.md b/i18n/de/real-time-communication.md
index 9cf3831d..642168d3 100644
--- a/i18n/de/real-time-communication.md
+++ b/i18n/de/real-time-communication.md
@@ -6,6 +6,13 @@ description: Andere Instant Messenger stellen dem Unternehmen, das sie betreibt,
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Angriffe](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Diensteanbieter](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Massenüberwachung](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Arten von Kommunikationsnetzen :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/de/security-keys.md b/i18n/de/security-keys.md
index 6866f156..487106ea 100644
--- a/i18n/de/security-keys.md
+++ b/i18n/de/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/de/tools.md b/i18n/de/tools.md
index 3e157b66..925b19e0 100644
--- a/i18n/de/tools.md
+++ b/i18n/de/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/de/tor.md b/i18n/de/tor.md
index 27d871ad..ab2e9da9 100644
--- a/i18n/de/tor.md
+++ b/i18n/de/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Massenüberwachung](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Zensur](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Das **Tor** Netzwerk besteht aus von Freiwilligen betriebenen Servern, die es kostenlos ermöglichen, die eigene Privatsphäre und Sicherheit im Internet zu verbessern. Einzelpersonen und Organisationen können auch Informationen über das Tor-Netzwerk mit ".onion versteckten Diensten" austauschen, ohne ihre Privatsphäre zu gefährden. Da der Tor-Verkehr schwer zu blockieren und zurückzuverfolgen ist, ist Tor ein effektives Werkzeug zur Zensur Umgehung.
[Detaillierte Tor-Übersicht :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Bevor du dich mit Tor verbindest, stelle bitte sicher, dass du unsere in unserer
-Es gibt eine Vielzahl von Möglichkeiten, sich von deinem Gerät aus mit dem Tor-Netzwerk zu verbinden. Die am häufigsten genutzte ist der **Tor Browser**, ein Fork (Abwandlung) von Firefox, der für anonymes Surfen für Desktop-Computer und für Android entwickelt wurde.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Einige dieser Anwendungen sind besser als andere, und auch hier hängt die Entscheidung von deinem Bedrohungsmodell ab. Wenn du ein gelegentlicher Tor-Benutzer bist, der sich keine Sorgen darüber macht, dass dein Internetanbieter Beweise gegen dich sammelt, ist es wahrscheinlich in Ordnung, Anwendungen wie [Orbot](#orbot) oder mobile Browseranwendungen zu benutzen, um auf das Tor-Netzwerk zuzugreifen. Wenn mehr Menschen regelmäßig Tor nutzen, hilft das, das schlechte Stigma von Tor zu verringern und senkt zudem die Qualität der "Listen von Tor-Nutzern", die ISPs und Regierungen erstellen können.
-Wenn du Wert auf vollständige Anonymität legst, solltest du **ausschließlich** den Tor-Browser-Client verwenden, idealerweise in einer Kombination aus [Whonix](desktop.md#whonix) und [Qubes](desktop.md#qubes-os). Mobile Browser sind bei Tor weniger verbreitet (daher mehr anfällig für Fingerprinting). Außerdem sind diese Konfigurationen nicht so rigoros gegen Deanonymisierung getestet.
+Wenn du Wert auf vollständige Anonymität legst, solltest du **ausschließlich** den Tor-Browser-Client verwenden, idealerweise in einer Kombination aus [Whonix](desktop.md#whonix) und [Qubes](desktop.md#qubes-os). Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/de/vpn.md b/i18n/de/vpn.md
index bc15e6c2..339bdd85 100644
--- a/i18n/de/vpn.md
+++ b/i18n/de/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/el/alternative-networks.md b/i18n/el/alternative-networks.md
index 2f610233..6ea4b146 100644
--- a/i18n/el/alternative-networks.md
+++ b/i18n/el/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Τα άτομα και οι οργανισμοί μπορούν επίσης να μοιράζονται πληροφορίες μέσω του δικτύου Tor με τις κρυφές υπηρεσίες ".onion" χωρίς να θέτουν σε κίνδυνο την ιδιωτικότητά τους. Επειδή η διαδικτυακή κυκλοφορία του Tor είναι δύσκολο να μπλοκαριστεί και να ανιχνευθεί, το Tor είναι ένα αποτελεσματικό εργαλείο παράκαμψης της λογοκρισίας.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Τα άτομα και οι οργανισμοί μπορούν επίσης να μοιράζονται πληροφορίες μέσω του δικτύου Tor με τις κρυφές υπηρεσίες ".onion" χωρίς να θέτουν σε κίνδυνο την ιδιωτικότητά τους. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/el/android/distributions.md b/i18n/el/android/distributions.md
index 339587be..c3c27e85 100644
--- a/i18n/el/android/distributions.md
+++ b/i18n/el/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/el/android/general-apps.md b/i18n/el/android/general-apps.md
index a00e5afd..a20051c9 100644
--- a/i18n/el/android/general-apps.md
+++ b/i18n/el/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/el/browser-extensions.md b/i18n/el/browser-extensions.md
index d5644115..f0a2bf5b 100644
--- a/i18n/el/browser-extensions.md
+++ b/i18n/el/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/el/calendar.md b/i18n/el/calendar.md
index edcd57b4..e44bf1ee 100644
--- a/i18n/el/calendar.md
+++ b/i18n/el/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/el/cloud.md b/i18n/el/cloud.md
index 1b691f08..42467f65 100644
--- a/i18n/el/cloud.md
+++ b/i18n/el/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/el/cryptocurrency.md b/i18n/el/cryptocurrency.md
index 2fd5ccf5..348e2546 100644
--- a/i18n/el/cryptocurrency.md
+++ b/i18n/el/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/el/desktop-browsers.md b/i18n/el/desktop-browsers.md
index 4996c9c7..1bb63658 100644
--- a/i18n/el/desktop-browsers.md
+++ b/i18n/el/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. Προτείνουμε τον [Mullvad Browser](#mullvad-browser) εαν σε απασχολεί ιδιαίτερα η ιδιωτικότητα και η προστασία του ψηφιακού σου αποτυπώματος και θέλεις αυτά να υφίστανται από προεπιλογή, [το Firefox](#firefox) για καθημερινή περιήγηση αν κυρίως αναζητάς μια καλή εναλλακτική στο Google Chrome, και τέλος [το Brave](#brave) αν χρειάζεσαι συμβατότητα με περιηγητές τύπου Chromium.
Εάν χρειάζεται να περιηγηθείς στο διαδίκτυο ανώνυμα, θα πρέπει να χρησιμοποιήσεις το [Tor](tor.md). Προτείνουμε ορισμένες ρυθμίσεις στην παρούσα σελίδα, μα όλοι οι περιηγητές εκτός του Tor Browser θα είναι ανιχνεύσιμοι από *κάποιο* με τον έναν ή τον άλλο τρόπο, ανεξαρτήτως ρυθμίσεων.
@@ -67,7 +71,7 @@ These are our currently recommended **desktop web browsers** and configurations
{ align=right }
-Ο **Mullvad Browser** είναι μία έκδοση του [Tor Browser](tor.md#tor-browser) δίχως ενσωματώσεις δικτύου Tor και αποσκοπεί να προσφέρει τις τεχνολογίες "αντι-αποτύπωσης" (anti-fingerprinting) του Tor Browser σε χρήστ(ρι)ες VPN. Αναπτύσσεται από το Tor Project και διανέμεται από τη [Mullvad](vpn.md#mullvad), και **δεν** απαιτεί χρήση του Mullvad VPN.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. Αναπτύσσεται από το Tor Project και διανέμεται από τη [Mullvad](vpn.md#mullvad), και **δεν** απαιτεί χρήση του Mullvad VPN.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/el/device-integrity.md b/i18n/el/device-integrity.md
index b7161338..8ae31646 100644
--- a/i18n/el/device-integrity.md
+++ b/i18n/el/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/el/dns.md b/i18n/el/dns.md
index 0a7a804f..7846363c 100644
--- a/i18n/el/dns.md
+++ b/i18n/el/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Encrypted DNS with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. Encrypted DNS will not help you hide any of your browsing activity.
[Learn more about DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/el/document-collaboration.md b/i18n/el/document-collaboration.md
index 08a5f1ad..1410227d 100644
--- a/i18n/el/document-collaboration.md
+++ b/i18n/el/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/el/email-aliasing.md b/i18n/el/email-aliasing.md
index 2b447982..c2f4c549 100644
--- a/i18n/el/email-aliasing.md
+++ b/i18n/el/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/el/encryption.md b/i18n/el/encryption.md
index 5485ba53..e469ce94 100644
--- a/i18n/el/encryption.md
+++ b/i18n/el/encryption.md
@@ -14,11 +14,15 @@ The options listed here are multi-platform and great for creating encrypted back
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/el/file-sharing.md b/i18n/el/file-sharing.md
index cfe78654..65d61df7 100644
--- a/i18n/el/file-sharing.md
+++ b/i18n/el/file-sharing.md
@@ -5,6 +5,10 @@ description: Discover how to privately share your files between your devices, wi
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
## File Sharing
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/el/language-tools.md b/i18n/el/language-tools.md
index b1a8d43d..9da71f7e 100644
--- a/i18n/el/language-tools.md
+++ b/i18n/el/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/el/mobile-browsers.md b/i18n/el/mobile-browsers.md
index 862e727e..83d374ed 100644
--- a/i18n/el/mobile-browsers.md
+++ b/i18n/el/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. Εάν χρειάζεται να περιηγηθείτε στο διαδίκτυο ανώνυμα, θα πρέπει σε αυτή την περίπτωση να χρησιμοποιήσετε το [Tor](tor.md).
## Android
diff --git a/i18n/el/mobile-phones.md b/i18n/el/mobile-phones.md
index 05d9bc84..c65b0814 100644
--- a/i18n/el/mobile-phones.md
+++ b/i18n/el/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/el/multi-factor-authentication.md b/i18n/el/multi-factor-authentication.md
index 2f35b299..66eab966 100644
--- a/i18n/el/multi-factor-authentication.md
+++ b/i18n/el/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/el/notebooks.md b/i18n/el/notebooks.md
index e4257c5a..a1284c71 100644
--- a/i18n/el/notebooks.md
+++ b/i18n/el/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Keep track of your notes and journalings without giving them to a third-party.
If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports E2EE.
diff --git a/i18n/el/os/ios-overview.md b/i18n/el/os/ios-overview.md
index aa74905f..fa5de913 100644
--- a/i18n/el/os/ios-overview.md
+++ b/i18n/el/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/el/passwords.md b/i18n/el/passwords.md
index 8d86d9cb..84ebd38c 100644
--- a/i18n/el/passwords.md
+++ b/i18n/el/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Εισαγωγή στους Κωδικούς :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/el/photo-management.md b/i18n/el/photo-management.md
index f67fdc53..ce234e10 100644
--- a/i18n/el/photo-management.md
+++ b/i18n/el/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/el/real-time-communication.md b/i18n/el/real-time-communication.md
index 4bd1f966..4194f9c2 100644
--- a/i18n/el/real-time-communication.md
+++ b/i18n/el/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/el/security-keys.md b/i18n/el/security-keys.md
index 4c60d2c0..5fb71cc3 100644
--- a/i18n/el/security-keys.md
+++ b/i18n/el/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/el/tools.md b/i18n/el/tools.md
index a11dd413..7d95741b 100644
--- a/i18n/el/tools.md
+++ b/i18n/el/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/el/tor.md b/i18n/el/tor.md
index 688d5737..921e1aa2 100644
--- a/i18n/el/tor.md
+++ b/i18n/el/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Το Tor** είναι μια ομάδα διακομιστών που λειτουργούν εθελοντικά και σας επιτρέπουν να συνδεθείτε δωρεάν και να βελτιώσετε την ιδιωτικότητα και την ασφάλειά σας στο Διαδίκτυο. Τα άτομα και οι οργανισμοί μπορούν επίσης να μοιράζονται πληροφορίες μέσω του δικτύου Tor με τις κρυφές υπηρεσίες ".onion" χωρίς να θέτουν σε κίνδυνο την ιδιωτικότητά τους. Επειδή η διαδικτυακή κυκλοφορία του Tor είναι δύσκολο να μπλοκαριστεί και να ανιχνευθεί, το Tor είναι ένα αποτελεσματικό εργαλείο παράκαμψης της λογοκρισίας.
[Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/el/vpn.md b/i18n/el/vpn.md
index a2e15518..4ccd88c4 100644
--- a/i18n/el/vpn.md
+++ b/i18n/el/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/eo/alternative-networks.md b/i18n/eo/alternative-networks.md
index 79017cee..4c8a6e25 100644
--- a/i18n/eo/alternative-networks.md
+++ b/i18n/eo/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/eo/android/distributions.md b/i18n/eo/android/distributions.md
index 339587be..c3c27e85 100644
--- a/i18n/eo/android/distributions.md
+++ b/i18n/eo/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/eo/android/general-apps.md b/i18n/eo/android/general-apps.md
index d13deac9..e3221737 100644
--- a/i18n/eo/android/general-apps.md
+++ b/i18n/eo/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/eo/browser-extensions.md b/i18n/eo/browser-extensions.md
index d5644115..f0a2bf5b 100644
--- a/i18n/eo/browser-extensions.md
+++ b/i18n/eo/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/eo/calendar.md b/i18n/eo/calendar.md
index edcd57b4..e099cbf9 100644
--- a/i18n/eo/calendar.md
+++ b/i18n/eo/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Malaktivaj Atakoj](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Provizantoj de Servoj](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/eo/cloud.md b/i18n/eo/cloud.md
index 1b691f08..3f2a9d1b 100644
--- a/i18n/eo/cloud.md
+++ b/i18n/eo/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Malaktivaj Atakoj](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Provizantoj de Servoj](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/eo/cryptocurrency.md b/i18n/eo/cryptocurrency.md
index 2fd5ccf5..550adcb3 100644
--- a/i18n/eo/cryptocurrency.md
+++ b/i18n/eo/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Amasgvatado](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Cenzuro](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/eo/desktop-browsers.md b/i18n/eo/desktop-browsers.md
index ec7094f4..b74767bc 100644
--- a/i18n/eo/desktop-browsers.md
+++ b/i18n/eo/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. We recommend [Mullvad Browser](#mullvad-browser) if you are focused on strong privacy protections and anti-fingerprinting out of the box, [Firefox](#firefox) for casual internet browsers looking for a good alternative to Google Chrome, and [Brave](#brave) if you need Chromium browser compatibility.
If you need to browse the internet anonymously, you should use [Tor](tor.md) instead. We make some configuration recommendations on this page, but all browsers other than Tor Browser will be traceable by *somebody* in some manner or another.
@@ -67,7 +71,7 @@ If you need to browse the internet anonymously, you should use [Tor](tor.md) ins
{ align=right }
-**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed, aimed at providing Tor Browser's anti-fingerprinting browser technologies to VPN users. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/eo/device-integrity.md b/i18n/eo/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/eo/device-integrity.md
+++ b/i18n/eo/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/eo/dns.md b/i18n/eo/dns.md
index 0a7a804f..7846363c 100644
--- a/i18n/eo/dns.md
+++ b/i18n/eo/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Encrypted DNS with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. Encrypted DNS will not help you hide any of your browsing activity.
[Learn more about DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/eo/document-collaboration.md b/i18n/eo/document-collaboration.md
index 4f7ed135..9bf30ec2 100644
--- a/i18n/eo/document-collaboration.md
+++ b/i18n/eo/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/eo/email-aliasing.md b/i18n/eo/email-aliasing.md
index 2b447982..c2f4c549 100644
--- a/i18n/eo/email-aliasing.md
+++ b/i18n/eo/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/eo/encryption.md b/i18n/eo/encryption.md
index da9ff73b..af68026a 100644
--- a/i18n/eo/encryption.md
+++ b/i18n/eo/encryption.md
@@ -14,11 +14,15 @@ The options listed here are multi-platform and great for creating encrypted back
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Malaktivaj Atakoj](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Malaktivaj Atakoj](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Provizantoj de Servoj](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/eo/file-sharing.md b/i18n/eo/file-sharing.md
index cfe78654..ac0e7649 100644
--- a/i18n/eo/file-sharing.md
+++ b/i18n/eo/file-sharing.md
@@ -5,6 +5,10 @@ description: Discover how to privately share your files between your devices, wi
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Provizantoj de Servoj](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
## File Sharing
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/eo/language-tools.md b/i18n/eo/language-tools.md
index 1f6f756c..b69f9ff1 100644
--- a/i18n/eo/language-tools.md
+++ b/i18n/eo/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/eo/mobile-browsers.md b/i18n/eo/mobile-browsers.md
index 1fdcb7a1..82ebedc0 100644
--- a/i18n/eo/mobile-browsers.md
+++ b/i18n/eo/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead.
## Android
diff --git a/i18n/eo/mobile-phones.md b/i18n/eo/mobile-phones.md
index 05d9bc84..c65b0814 100644
--- a/i18n/eo/mobile-phones.md
+++ b/i18n/eo/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/eo/multi-factor-authentication.md b/i18n/eo/multi-factor-authentication.md
index 6155ae93..87185132 100644
--- a/i18n/eo/multi-factor-authentication.md
+++ b/i18n/eo/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/eo/notebooks.md b/i18n/eo/notebooks.md
index d450ba8b..0d981eb2 100644
--- a/i18n/eo/notebooks.md
+++ b/i18n/eo/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Provizantoj de Servoj](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Keep track of your notes and journalings without giving them to a third-party.
If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports E2EE.
diff --git a/i18n/eo/os/ios-overview.md b/i18n/eo/os/ios-overview.md
index b0935919..0100a6f3 100644
--- a/i18n/eo/os/ios-overview.md
+++ b/i18n/eo/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/eo/passwords.md b/i18n/eo/passwords.md
index d86cbfb0..d6125039 100644
--- a/i18n/eo/passwords.md
+++ b/i18n/eo/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Malaktivaj Atakoj](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Provizantoj de Servoj](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/eo/photo-management.md b/i18n/eo/photo-management.md
index 89f3a7d0..c526c59a 100644
--- a/i18n/eo/photo-management.md
+++ b/i18n/eo/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/eo/real-time-communication.md b/i18n/eo/real-time-communication.md
index 4bd1f966..abc3f745 100644
--- a/i18n/eo/real-time-communication.md
+++ b/i18n/eo/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Malaktivaj Atakoj](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Provizantoj de Servoj](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Amasgvatado](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/eo/security-keys.md b/i18n/eo/security-keys.md
index 4c60d2c0..5fb71cc3 100644
--- a/i18n/eo/security-keys.md
+++ b/i18n/eo/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/eo/tools.md b/i18n/eo/tools.md
index 42932575..52a3d3d3 100644
--- a/i18n/eo/tools.md
+++ b/i18n/eo/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/eo/tor.md b/i18n/eo/tor.md
index 0f82d89f..393422ea 100644
--- a/i18n/eo/tor.md
+++ b/i18n/eo/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Amasgvatado](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Cenzuro](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
[Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/eo/vpn.md b/i18n/eo/vpn.md
index 952e2952..9a192acf 100644
--- a/i18n/eo/vpn.md
+++ b/i18n/eo/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/es/alternative-networks.md b/i18n/es/alternative-networks.md
index 6a56c9e2..1a7880be 100644
--- a/i18n/es/alternative-networks.md
+++ b/i18n/es/alternative-networks.md
@@ -5,9 +5,15 @@ description: Estas herramientas te permiten acceder a redes distintas a la World
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Redes anonimizadoras
-Cuando se trata de redes anonimizadoras, querenos destacar que [Tor](advanced/tor-overview.md) es nuestra primera opción. Es la red anónima más utilizada, fuertemente estudiada y activamente desarrollada. Usar otras redes podría poner en peligro tu anonimato, a menos que sepas lo que estás haciendo.
+Cuando se trata de redes anonimizadoras, querenos destacar que [Tor](advanced/tor-overview.md) es nuestra primera opción. Es la red anónima más utilizada, fuertemente estudiada y activamente desarrollada. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ Cuando se trata de redes anonimizadoras, querenos destacar que [Tor](advanced/to
{ align=right }
-La red **Tor** es un grupo de servidores operados por voluntarios que te permiten conectarte de manera gratuita, además de mejorar tu privacidad y seguridad en Internet. Individuos y organizaciones también pueden compartir información a través de la red Tor con los "servicios ocultos .onion" sin comprometer su privacidad. Debido a que el tráfico de Tor es difícil de bloquear y rastrear, Tor es una herramienta eficaz para eludir la censura.
+La red **Tor** es un grupo de servidores operados por voluntarios que te permiten conectarte de manera gratuita, además de mejorar tu privacidad y seguridad en Internet. Individuos y organizaciones también pueden compartir información a través de la red Tor con los "servicios ocultos .onion" sin comprometer su privacidad. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Página principal }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Servicio Onion" }
diff --git a/i18n/es/android/distributions.md b/i18n/es/android/distributions.md
index 4580a0b1..af26169e 100644
--- a/i18n/es/android/distributions.md
+++ b/i18n/es/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Un **sistema operativo personalizado basado en Android** (también conocido como **ROM** personalizada) es una manera popular de alcanzar altos niveles de privacidad y seguridad en tu dispositivo. Esto contrasta con la versión "stock" de Android que viene preinstalada en tu teléfono y está profundamente integrada con los Servicios de Google Play.
Recomendamos instalar uno de estos sistemas operativos personalizados Android en tu dispositivo, listados en orden de preferencia, dependiendo de la compatibilidad de tu dispositivo con estos sistemas operativos.
diff --git a/i18n/es/android/general-apps.md b/i18n/es/android/general-apps.md
index e3abc06a..c67c1f7f 100644
--- a/i18n/es/android/general-apps.md
+++ b/i18n/es/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/es/browser-extensions.md b/i18n/es/browser-extensions.md
index 87ba45d7..e744a2cc 100644
--- a/i18n/es/browser-extensions.md
+++ b/i18n/es/browser-extensions.md
@@ -5,6 +5,10 @@ description: Estas extensiones de navegador pueden mejorar tu experiencia de nav
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
En general, recomendamos mantener las extensiones del navegador al mínimo para reducir la superficie de ataque. Tienen acceso privilegiado dentro de tu navegador, requieren que confíes en el desarrollador, pueden hacerte [destacar](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), y [debilitar](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) el aislamiento del sitio.
Sin embargo, algunas ofrecen funcionalidades que pueden compensar estos inconvenientes en determinadas situaciones, especialmente cuando se trata de [bloqueo de contenidos](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin también tiene una versión "Lite" de su extensión, que ofrece un
{ align=right }
-**uBlock Origin Lite** es un bloqueador de contenidos compatible con Manifest V3. En comparación con el _uBlock Origin_ original, esta extensión no requiere amplios permisos de "lectura/modificación de datos" para funcionar.
+**uBlock Origin Lite** es un bloqueador de contenidos compatible con Manifest V3. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/es/calendar.md b/i18n/es/calendar.md
index cef27e51..dfbc19f0 100644
--- a/i18n/es/calendar.md
+++ b/i18n/es/calendar.md
@@ -5,6 +5,11 @@ description: Los calendarios contienen algunos de tus datos más sensibles; util
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques pasivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Proveedores de servicios](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/es/cloud.md b/i18n/es/cloud.md
index c4b02185..cf14248f 100644
--- a/i18n/es/cloud.md
+++ b/i18n/es/cloud.md
@@ -6,6 +6,11 @@ description: Muchos proveedores de almacenamiento en la nube exigen que confíes
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques pasivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Proveedores de servicios](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. Las alternativas enumeradas a continuación eliminan la necesidad de confianza mediante la implementación de E2EE seguros.
Si estas alternativas no se ajustan a tus necesidades, te sugerimos que busques utilizar un software de encriptación como [Cryptomator](encryption.md#cryptomator-cloud) con otro proveedor en la nube. Utilizar Cryptomator junto con **cualquier** proveedor de la nube(incluidos estos) puede ser una buena idea para reducir el riesgo de fallos de cifrado en los clientes nativos de un proveedor.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** es un protocolo descentralizado y una plataforma de código abierto para almacenamiento, redes sociales y aplicaciones. Proporciona un espacio seguro y privado donde los usuarios pueden almacenar, compartir y ver sus fotos, vídeos, documentos, etc. Peergos protege tus archivos con cifrado cuántico resistente de extremo a extremo y garantiza que todos los datos sobre tus archivos permanezcan privados. Está construido sobre [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** es un protocolo descentralizado y una plataforma de código abierto para almacenamiento, redes sociales y aplicaciones. Proporciona un espacio seguro y privado donde los usuarios pueden almacenar, compartir y ver sus fotos, vídeos, documentos, etc. Peergos protege tus archivos con cifrado cuántico resistente de extremo a extremo y garantiza que todos los datos sobre tus archivos permanezcan privados. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/es/cryptocurrency.md b/i18n/es/cryptocurrency.md
index 5ab73d26..3c0b83cf 100644
--- a/i18n/es/cryptocurrency.md
+++ b/i18n/es/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Vigilancia masiva](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censura](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Realizar pagos en línea es uno de los principales desafíos para la privacidad. Estas criptomonedas le brindan privacidad a sus transacciones (algo que **no** está garantizado por la mayoría de las criptomonedas), permitiéndole tener una alta comprensión de cómo hacer pagos privados correctamente. Le recomendamos encarecidamente que primero lea nuestro apartado de pagos antes de realizar cualquier compra:
[Hacer pagos privados: :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Muchas, si no la mayoría de los proyectos de criptomonedas son estafas. Únicam
{ align=right }
-**Monero** utiliza una cadena de bloques (blockchain) con tecnologías que mejoran la privacidad. Cada transacción realizada con Monero, oculta el monto de la transacción, las direcciones de envío y recepción, además del origen de los fondos sin ningún intermediario, convirtiéndola en una opción ideal para los novatos en las criptomonedas.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Cada transacción realizada con Monero, oculta el monto de la transacción, las direcciones de envío y recepción, además del origen de los fondos sin ningún intermediario, convirtiéndola en una opción ideal para los novatos en las criptomonedas.
[:octicons-home-16: Página Principal](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentación}
diff --git a/i18n/es/desktop-browsers.md b/i18n/es/desktop-browsers.md
index 499949a1..ccfc29f8 100644
--- a/i18n/es/desktop-browsers.md
+++ b/i18n/es/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo de Vigilancia](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Estos son nuestros **navegadores** recomendados y las configuraciones para la navegación estándar/no anónima por Internet. Recomendamos [Mullvad Browser](#mullvad-browser) si estás centrado en fuertes protecciones de privacidad y contra huellas digitales desde el primer momento, [Firefox](#firefox) para navegantes ocasionales que buscan una buena alternativa a Google Chrome, y [Brave](#brave) si necesitas compatibilidad con el navegador Chromium.
Si necesitas navegar por Internet de forma anónima, deberías utilizar [Tor](tor.md) . Hacemos algunas recomendaciones de configuración en esta página, pero todos los navegadores que no sean Tor Browser serán rastreables por *alguien* de una forma u otra.
@@ -67,7 +71,7 @@ Si necesitas navegar por Internet de forma anónima, deberías utilizar [Tor](to
{ align=right }
-**Mullvad Browser** es una versión de [Tor Browser](tor.md#tor-browser) con las integraciones de la red Tor eliminadas, con el objetivo de proporcionar las tecnologías de navegación anti huella digital de Tor Browser a los usuarios de VPN. Es desarrollado por el Proyecto Tor y distribuido por [Mullvad](vpn.md#mullvad), y **no** requiere el uso de la VPN de Mullvad.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. Es desarrollado por el Proyecto Tor y distribuido por [Mullvad](vpn.md#mullvad), y **no** requiere el uso de la VPN de Mullvad.
[:octicons-home-16: Página Principal](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Política de Privacidad" }
diff --git a/i18n/es/device-integrity.md b/i18n/es/device-integrity.md
index 32f9e6a3..d3be722a 100644
--- a/i18n/es/device-integrity.md
+++ b/i18n/es/device-integrity.md
@@ -45,6 +45,10 @@ Estas herramientas proporcionan un análisis basado en la información de tu dis
## Herramientas externas de verificación
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automatiza y te guía de forma interactiva a través del proceso de uso
## Verificación en el Dispositivo
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Se trata de aplicaciones que puedes instalar y que comprueban el dispositivo y el sistema operativo en busca de signos de manipulación y validan la identidad del dispositivo.
@@ -181,6 +190,10 @@ Si tu [modelo de amenaza](basics/threat-modeling.md) requiere privacidad, podrí
## Escáneres en el Dispositivo
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Se trata de aplicaciones que puedes instalar en tu dispositivo y que lo escanean en busca de señales de peligro.
@@ -221,7 +234,7 @@ Hypatia es especialmente buena en la detección de stalkerware común: Si sospec
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. Esta también revisa tu dispositivo por indicadores de compromiso de herramientas de jailbreak o programas de espionaje como Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/es/dns.md b/i18n/es/dns.md
index c8d54708..aa75eb91 100644
--- a/i18n/es/dns.md
+++ b/i18n/es/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo de Vigilancia](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Un DNS encriptado con servidores de terceros solo debe utilizarse para evitar el [bloqueo de DNS básico](https://en.wikipedia.org/wiki/DNS_blocking) cuándo puedas estar seguro de que no habrá ningunas consecuencias. Un DNS encriptado no te ayudará a esconder ninguna de tu actividad en línea.
[Aprende más sobre DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/es/document-collaboration.md b/i18n/es/document-collaboration.md
index b0ef19aa..3e227164 100644
--- a/i18n/es/document-collaboration.md
+++ b/i18n/es/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/es/email-aliasing.md b/i18n/es/email-aliasing.md
index a5eb6547..8c499b6e 100644
--- a/i18n/es/email-aliasing.md
+++ b/i18n/es/email-aliasing.md
@@ -5,6 +5,11 @@ description: Un servicio de alias de correo electrónico te permite generar con
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. Los alias de correo electrónico que generas son reenviados a una dirección de correo electrónico de tu elección, ocultando tanto tu dirección "principal" de correo electrónico como la identidad de tu [proveedor de correo electrónico](email.md). El verdadero alias de correo electrónico es mejor que el direccionamiento plus, comúnmente utilizado y admitido por muchos proveedores, que permite crear alias como `su nombre+[cualquiercosaaquí]@ejemplo.com`, porque los sitios web, los anunciantes y las redes de seguimiento pueden eliminar trivialmente cualquier cosa después del signo `+`. Organizaciones como la [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) solicitan que los anunciantes [normalicen las direcciones de correo electrónico](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) para poder correlacionarlas y rastrearlas, sin importar las preferencias de privacidad de los usuarios.
diff --git a/i18n/es/encryption.md b/i18n/es/encryption.md
index 1596dff3..1ae09f79 100644
--- a/i18n/es/encryption.md
+++ b/i18n/es/encryption.md
@@ -14,11 +14,15 @@ Las opciones enumeradas aquí son multiplataforma y excelentes para crear copias
### Cryptomator (Nube)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques pasivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** es una solución de cifrado diseñada para guardar archivos de forma privada en cualquier proveedor en la nube. Le permite crear bóvedas que se almacenan en una unidad virtual, cuyo contenido está cifrado y sincronizado con su proveedor de almacenamiento en la nube.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. Le permite crear bóvedas que se almacenan en una unidad virtual, cuyo contenido está cifrado y sincronizado con su proveedor de almacenamiento en la nube.
[:octicons-home-16: Página Principal](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Política de Privacidad" }
@@ -49,6 +53,10 @@ La documentación de Cryptomator detalla con más detalle su [objetivo de seguri
### Picocrypt (Archivo)
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques dirigidos](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ La documentación de Cryptomator detalla con más detalle su [objetivo de seguri
### VeraCrypt (Disco)
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques dirigidos](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt ha sido [auditado un buen número de veces](https://en.wikipedia.org/w
## Cifrado de Disco Completo del Sistema Operativo
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques dirigidos](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Para cifrar la unidad desde la que inicia el sistema operativo, por lo general recomendamos habilitar el software de cifrado que viene incluido en el propio sistema operativo, en vez de utilizar una herramienta creada por terceros. Esto se debe a que las herramientas de cifrado propias del sistema operativo suelen utilizar características específicas del sistema operativo y el hardware, como el [criptoprocesador seguro](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) del dispositivo para proteger la computadora contra ataques físicos más avanzados. Para unidades secundarias y externas que *no* se utilizan para iniciar, recomendamos utilizar herramientas de código abierto como [VeraCrypt](#veracrypt-disk) en vez de las siguientes herramientas, porque estas ofrecen más flexibilidad y permiten evitar la dependencia de un proveedor.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Línea de Comandos
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques dirigidos](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Las herramientas con interfaces de línea de comandos son útiles para integrar
scripts de shell.
### Kryptor
@@ -273,6 +293,12 @@ Las herramientas con interfaces de línea de comandos son útiles para integrar
## OpenPGP
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques dirigidos](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Ataques pasivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Proveedores de servicios](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP es a veces necesario para tareas específicas como la firma digital y el cifrado de correo electrónico. PGP tiene muchas funciones y es [complejo](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) ya que existe desde hace mucho tiempo. Para tareas como firmar o cifrar archivos, sugerimos las opciones anteriores.
Al cifrar con PGP, tiene la opción de configurar diferentes opciones en su archivo `gpg.conf`. Recomendamos utilizar las opciones estándar especificadas en las [Preguntas Frecuentes de los Usuarios de GnuPG](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/es/file-sharing.md b/i18n/es/file-sharing.md
index fd016902..b12922c0 100644
--- a/i18n/es/file-sharing.md
+++ b/i18n/es/file-sharing.md
@@ -5,6 +5,10 @@ description: Descubra cómo puede compartir de manera privada sus archivos entre
cover: file-sharing.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Proveedores de servicios](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Descubra cómo puede compartir de manera privada sus archivos entre sus dispositivos, con sus amigos y familia, o de manera anónima en línea.
## Programas para compartir archivos
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** es una herramienta de código abierto que permite compartir de manera segura y anónima un archivo de cualquier tamaño. Funciona iniciando un servidor web accesible como un servicio onion de Tor, con un enlace indescifrable que se puede compartir con los receptores para descargar o enviar archivos.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Funciona iniciando un servidor web accesible como un servicio onion de Tor, con un enlace indescifrable que se puede compartir con los receptores para descargar o enviar archivos.
[:octicons-home-16: Página Principal](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Servicio Onion" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criterios
**Por favor, tome en cuenta que no estamos afiliados con ninguno de los proyectos que recomendamos.** En adición a [nuestros criterios estándares](about/criteria.md), hemos desarrollado un claro conjunto de requisitos para permitirnos brindar recomendaciones objetivas. Sugerimos que usted se familiarice con esta lista antes de optar por utilizar un proyecto, y realizar su propia investigación para asegurarse que es la elección adecuada.
diff --git a/i18n/es/language-tools.md b/i18n/es/language-tools.md
index 2c8018a9..52c65307 100644
--- a/i18n/es/language-tools.md
+++ b/i18n/es/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/es/mobile-browsers.md b/i18n/es/mobile-browsers.md
index 66843855..ce9a52e1 100644
--- a/i18n/es/mobile-browsers.md
+++ b/i18n/es/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo de Vigilancia](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. Si necesitas navegar por Internet de forma anónima, deberías utilizar [Tor](tor.md) .
## Android
diff --git a/i18n/es/mobile-phones.md b/i18n/es/mobile-phones.md
index d6fce6f2..9f8a96cf 100644
--- a/i18n/es/mobile-phones.md
+++ b/i18n/es/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
La mayoría de los **teléfonos celulares** reciben actualizaciones de seguridad en periodos cortos o limitados por parte de los fabricantes; luego de que estos dispositivos alcanzan el final de su periodo de soporte, **no** pueden ser considerados como seguros porque no recibirán actualizaciones de seguridad del firmware o los controladores.
Los dispositivos móviles listados aquí proporcionan una larga vida útil de actualizaciones de seguridad garantizadas y permiten la instalación de un sistema operativo personalizado sin violar el modelo de seguridad de Android.
diff --git a/i18n/es/multi-factor-authentication.md b/i18n/es/multi-factor-authentication.md
index 32a148de..37fba8e8 100644
--- a/i18n/es/multi-factor-authentication.md
+++ b/i18n/es/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: Estas herramientas te ayudan a proteger tus cuentas de Internet con
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques dirigidos](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/es/notebooks.md b/i18n/es/notebooks.md
index 157f4b2a..845fde7e 100644
--- a/i18n/es/notebooks.md
+++ b/i18n/es/notebooks.md
@@ -5,6 +5,10 @@ description: Estas aplicaciones encriptadas para tomar notas te permiten hacer u
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Proveedores de servicios](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Mantén el control de tus notas y diarios sin darlos a un tercero.
Si actualmente utilizas una aplicación como Evernote, Google Keep o Microsoft OneNote, te sugerimos que elijas aquí una alternativa que soporte [Cifrado de extremo a extremo (E2EE)](https://es.wikipedia.org/wiki/Cifrado_de_extremo_a_extremo).
diff --git a/i18n/es/os/ios-overview.md b/i18n/es/os/ios-overview.md
index b1c118e0..9170e82d 100644
--- a/i18n/es/os/ios-overview.md
+++ b/i18n/es/os/ios-overview.md
@@ -42,7 +42,7 @@ También puedes proteger tus datos limitando lo que sincronizas con iCloud. En l
Una suscripción de pago a **iCloud+** (con cualquier plan de almacenamiento de iCloud) incluye algunas funciones de protección de la privacidad. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Relay Privado** es un servicio proxy que retransmite tu tráfico de Safari a través de dos servidores: uno propiedad de Apple y otro de un proveedor externo (incluyendo Akamai, Cloudflare y Fastly). En teoría, esto debería impedir que cualquier proveedor de la cadena -incluido Apple- tenga plena visibilidad de los sitios web que visitas mientras estás conectado. A diferencia de una VPN completa, el Relay Privado no protege el tráfico de tus aplicaciones fuera de Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). En teoría, esto debería impedir que cualquier proveedor de la cadena -incluido Apple- tenga plena visibilidad de los sitios web que visitas mientras estás conectado. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Ocultar Mi Correo Electrónico** es el servicio de alias de correo electrónico de Apple. Puede crear un alias de correo electrónico de forma gratuita al *Iniciar sesión con Apple* en un sitio web o una aplicación, o generar alias ilimitados bajo demanda con un plan iCloud+ de pago. Ocultar Mi Correo Electrónico tiene la ventaja de utilizar el dominio `@icloud.com` para sus alias, que puede ser menos susceptible de ser bloqueado en comparación con otros servicios de alias de correo electrónico, pero no ofrece la funcionalidad que ofrecen los servicios independientes, como el cifrado PGP automático o la compatibilidad con múltiples buzones de correo.
diff --git a/i18n/es/passwords.md b/i18n/es/passwords.md
index aa2c4852..d2bb7704 100644
--- a/i18n/es/passwords.md
+++ b/i18n/es/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques dirigidos](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Ataques pasivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Proveedores de servicios](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introducción a las Contraseñas :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/es/photo-management.md b/i18n/es/photo-management.md
index d877cf2c..61937a13 100644
--- a/i18n/es/photo-management.md
+++ b/i18n/es/photo-management.md
@@ -5,6 +5,11 @@ description: Herramientas de gestión de fotos para mantener tus fotos personale
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. Estas opciones mantienen la privacidad de tus fotos personales y te permiten compartirlas solo con familiares y personas de confianza.
## Ente Photos
diff --git a/i18n/es/real-time-communication.md b/i18n/es/real-time-communication.md
index fc6adff0..7ca50d17 100644
--- a/i18n/es/real-time-communication.md
+++ b/i18n/es/real-time-communication.md
@@ -6,6 +6,13 @@ description: Otros servicios de mensajería instantánea ponen todas sus convers
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques pasivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Proveedores de servicios](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Vigilancia masiva](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Capitalismo de Vigilancia](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Tipos de Redes de Comunicación :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ Tenemos algunos consejos adicionales para configurar y endurecer su instalación
{ align=right }
-**SimpleX** Chat es un servicio de mensajería instantánea descentralizado que no depende de ningún identificador único, como números de teléfono o nombres de usuario. Los usuarios de SimpleX Chat pueden escanear un código QR o hacer clic en un enlace de invitación para participar en conversaciones de grupo.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Los usuarios de SimpleX Chat pueden escanear un código QR o hacer clic en un enlace de invitación para participar en conversaciones de grupo.
[:octicons-home-16: Página Principal](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Politica de Privacidad" }
@@ -98,7 +105,7 @@ SimpleX Chat soporta funcionalidades básicas de chat en grupo, mensajería dire
{ align=right }
-**Briar** es un servicio de mensajería instantánea encriptado que [conecta](https://briarproject.org/how-it-works/) a otros clientes usando la red Tor. Briar también puede conectarse a través de Wi-Fi o Bluetooth si está cerca. El modo de malla local de Briar puede ser útil cuando la disponibilidad de Internet es un problema.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar también puede conectarse a través de Wi-Fi o Bluetooth si está cerca. El modo de malla local de Briar puede ser útil cuando la disponibilidad de Internet es un problema.
[:octicons-home-16: Página Principal](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="k title="Política de Privacidad" }
diff --git a/i18n/es/security-keys.md b/i18n/es/security-keys.md
index e18d0dc7..8dbab340 100644
--- a/i18n/es/security-keys.md
+++ b/i18n/es/security-keys.md
@@ -5,6 +5,11 @@ description: Estas herramientas te ayudan a proteger tus cuentas de Internet con
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/es/tools.md b/i18n/es/tools.md
index 3749c16a..df9813f1 100644
--- a/i18n/es/tools.md
+++ b/i18n/es/tools.md
@@ -31,6 +31,15 @@ Para obtener más información sobre cada proyecto, por qué han sido elegidos y
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/es/tor.md b/i18n/es/tor.md
index a8b12784..d516ce2c 100644
--- a/i18n/es/tor.md
+++ b/i18n/es/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo de Vigilancia](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Vigilancia masiva](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censura](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** es un grupo de servidores operados por voluntarios que te permiten conectarte gratuitamente, además de mejorar tu privacidad y seguridad en Internet. Individuos y organizaciones también pueden compartir información a través de la red Tor con los "servicios ocultos .onion" sin comprometer su privacidad. Debido a que el tráfico de Tor es difícil de bloquear y rastrear, Tor es una herramienta eficaz para eludir la censura.
[Descripción detallada de Tor :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Antes de conectarte a Tor, por favor, asegúrate de haber leído nuestro [overvi
-Hay varias maneras de conectarte a la red Tor desde tu dispositivo, la más utilizada es **Tor Browser**, un fork de Firefox diseñado para la navegación anónima para computadoras y Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Algunas de estas aplicaciones son mejores que otras y, una vez más, la decisión depende de tu modelo de amenazas. Si eres un usuario ocasional de Tor que no está preocupado porque tu ISP recopile pruebas contra ti, usar aplicaciones como [Orbot](#orbot) o aplicaciones de navegador móvil para acceder a la red Tor probablemente esté bien. Aumentar el número de personas que usan Tor a diario ayuda a reducir el mal estigma de Tor, y disminuye la calidad de las "listas de usuarios de Tor" que los ISP y los gobiernos pueden compilar.
-Si un anonimato más completo es primordial para tu situación, deberías **solo** usar el cliente de escritorio de Tor Browser, idealmente en una configuración [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os). Los navegadores móviles son menos comunes en Tor (y más susceptibles de huellas digitales como resultado), y otras configuraciones no se prueban tan rigurosamente contra la desanonimización.
+Si un anonimato más completo es primordial para tu situación, deberías **solo** usar el cliente de escritorio de Tor Browser, idealmente en una configuración [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os). Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/es/vpn.md b/i18n/es/vpn.md
index 39756a4a..31c90d7f 100644
--- a/i18n/es/vpn.md
+++ b/i18n/es/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo de Vigilancia](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/fa/alternative-networks.md b/i18n/fa/alternative-networks.md
index 31daf00d..719ba6f7 100644
--- a/i18n/fa/alternative-networks.md
+++ b/i18n/fa/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### شبکه تور
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/fa/android/distributions.md b/i18n/fa/android/distributions.md
index 339587be..c3c27e85 100644
--- a/i18n/fa/android/distributions.md
+++ b/i18n/fa/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/fa/android/general-apps.md b/i18n/fa/android/general-apps.md
index d13deac9..e3221737 100644
--- a/i18n/fa/android/general-apps.md
+++ b/i18n/fa/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/fa/browser-extensions.md b/i18n/fa/browser-extensions.md
index d5644115..f0a2bf5b 100644
--- a/i18n/fa/browser-extensions.md
+++ b/i18n/fa/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/fa/calendar.md b/i18n/fa/calendar.md
index edcd57b4..e44bf1ee 100644
--- a/i18n/fa/calendar.md
+++ b/i18n/fa/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/fa/cloud.md b/i18n/fa/cloud.md
index 1b691f08..42467f65 100644
--- a/i18n/fa/cloud.md
+++ b/i18n/fa/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/fa/cryptocurrency.md b/i18n/fa/cryptocurrency.md
index 2fd5ccf5..348e2546 100644
--- a/i18n/fa/cryptocurrency.md
+++ b/i18n/fa/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/fa/desktop-browsers.md b/i18n/fa/desktop-browsers.md
index d6baaf3d..b9d55cfd 100644
--- a/i18n/fa/desktop-browsers.md
+++ b/i18n/fa/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. اگر شما دنبال حفاظت قوی از حریم خصوصی و anti-fingerprinting هستید ما به شما مرورگر، [Mullvad Browser](#mullvad-browser) را توصیه میکنیم، [Firefox](#firefox) را برای کاربران عادی اینترنتی که به دنبال جایگزین مناسبی برای Google Chrome هستند پیشنهاد میکنیم و [Brave](#brave) در صورتی نیاز به سازگاری با مرورگر Chromium دارید.
اگر نیاز به مرور اینترنت به صورت ناشناس دارید، بهتر است از مرورگر [Tor](tor.md) استفاده کنید. ما در این صفحه برخی از تنظیمات را توصیه میکنیم، اما تمامی مرورگرها به جز Tor Browser به طریقی یا ناگزیر توسط *کسی* قابل ردیابی هستند.
@@ -67,7 +71,7 @@ These are our currently recommended **desktop web browsers** and configurations
{ align=right }
-**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed, aimed at providing Tor Browser's anti-fingerprinting browser technologies to VPN users. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/fa/device-integrity.md b/i18n/fa/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/fa/device-integrity.md
+++ b/i18n/fa/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/fa/dns.md b/i18n/fa/dns.md
index 0a7a804f..7846363c 100644
--- a/i18n/fa/dns.md
+++ b/i18n/fa/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Encrypted DNS with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. Encrypted DNS will not help you hide any of your browsing activity.
[Learn more about DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/fa/document-collaboration.md b/i18n/fa/document-collaboration.md
index 4f7ed135..9bf30ec2 100644
--- a/i18n/fa/document-collaboration.md
+++ b/i18n/fa/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/fa/email-aliasing.md b/i18n/fa/email-aliasing.md
index 2b447982..c2f4c549 100644
--- a/i18n/fa/email-aliasing.md
+++ b/i18n/fa/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/fa/encryption.md b/i18n/fa/encryption.md
index da9ff73b..4e15e295 100644
--- a/i18n/fa/encryption.md
+++ b/i18n/fa/encryption.md
@@ -14,11 +14,15 @@ The options listed here are multi-platform and great for creating encrypted back
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/fa/file-sharing.md b/i18n/fa/file-sharing.md
index cfe78654..65d61df7 100644
--- a/i18n/fa/file-sharing.md
+++ b/i18n/fa/file-sharing.md
@@ -5,6 +5,10 @@ description: Discover how to privately share your files between your devices, wi
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
## File Sharing
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/fa/language-tools.md b/i18n/fa/language-tools.md
index 1f6f756c..b69f9ff1 100644
--- a/i18n/fa/language-tools.md
+++ b/i18n/fa/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/fa/mobile-browsers.md b/i18n/fa/mobile-browsers.md
index 43ec5abe..457c4dfb 100644
--- a/i18n/fa/mobile-browsers.md
+++ b/i18n/fa/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead.
## Android
diff --git a/i18n/fa/mobile-phones.md b/i18n/fa/mobile-phones.md
index 05d9bc84..c65b0814 100644
--- a/i18n/fa/mobile-phones.md
+++ b/i18n/fa/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/fa/multi-factor-authentication.md b/i18n/fa/multi-factor-authentication.md
index 6155ae93..87185132 100644
--- a/i18n/fa/multi-factor-authentication.md
+++ b/i18n/fa/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/fa/notebooks.md b/i18n/fa/notebooks.md
index 593b0309..20eb0eca 100644
--- a/i18n/fa/notebooks.md
+++ b/i18n/fa/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
یادداشت ها و ژورنال های خود را بدون دادن به شخص ثالث پیگیری کنید.
اگر در حال حاضر از برنامهای مانند Evernote، Google Keep یا Microsoft OneNote استفاده میکنید، پیشنهاد میکنیم یک جایگزین را در اینجا انتخاب کنید که از E2EE پشتیبانی میکند.
diff --git a/i18n/fa/os/ios-overview.md b/i18n/fa/os/ios-overview.md
index 25bd54bd..bba55cc6 100644
--- a/i18n/fa/os/ios-overview.md
+++ b/i18n/fa/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/fa/passwords.md b/i18n/fa/passwords.md
index d86cbfb0..c4cb82c1 100644
--- a/i18n/fa/passwords.md
+++ b/i18n/fa/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/fa/photo-management.md b/i18n/fa/photo-management.md
index 89f3a7d0..c526c59a 100644
--- a/i18n/fa/photo-management.md
+++ b/i18n/fa/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/fa/real-time-communication.md b/i18n/fa/real-time-communication.md
index 4bd1f966..4194f9c2 100644
--- a/i18n/fa/real-time-communication.md
+++ b/i18n/fa/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/fa/security-keys.md b/i18n/fa/security-keys.md
index 4c60d2c0..5fb71cc3 100644
--- a/i18n/fa/security-keys.md
+++ b/i18n/fa/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/fa/tools.md b/i18n/fa/tools.md
index 6f51dded..47b81a0f 100644
--- a/i18n/fa/tools.md
+++ b/i18n/fa/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/fa/tor.md b/i18n/fa/tor.md
index 0f82d89f..5b2163c2 100644
--- a/i18n/fa/tor.md
+++ b/i18n/fa/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
[Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/fa/vpn.md b/i18n/fa/vpn.md
index 53662a7e..0e98572b 100644
--- a/i18n/fa/vpn.md
+++ b/i18n/fa/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/fr/alternative-networks.md b/i18n/fr/alternative-networks.md
index a16ab5ea..3772f4ea 100644
--- a/i18n/fr/alternative-networks.md
+++ b/i18n/fr/alternative-networks.md
@@ -5,9 +5,15 @@ description: Ces outils vous permettent d'accéder à des réseaux autres que le
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Réseaux d'anonymisation
-En ce qui concerne les réseaux d'anonymisation, nous tenons à souligner que [Tor](advanced/tor-overview.md) est notre premier choix. C'est de loin le réseau anonyme le plus utilisé, le plus étudié et le plus activement développé. L'utilisation d'autres réseaux est plus susceptible de compromettre votre anonymat, à moins que vous ne sachiez ce que vous faites.
+En ce qui concerne les réseaux d'anonymisation, nous tenons à souligner que [Tor](advanced/tor-overview.md) est notre premier choix. C'est de loin le réseau anonyme le plus utilisé, le plus étudié et le plus activement développé. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ En ce qui concerne les réseaux d'anonymisation, nous tenons à souligner que [T
{ align=right }
-Le réseau **Tor** est un groupe de serveurs gérés par des bénévoles qui vous permet de vous connecter gratuitement et d'améliorer votre confidentialité et votre sécurité sur Internet. Les particuliers et les organisations peuvent également partager des informations sur le réseau Tor avec des "services cachés .onion" sans compromettre leur vie privée. Parce que le trafic Tor est difficile à bloquer et à tracer, Tor est un outil efficace pour contourner la censure.
+Le réseau **Tor** est un groupe de serveurs gérés par des bénévoles qui vous permet de vous connecter gratuitement et d'améliorer votre confidentialité et votre sécurité sur Internet. Les particuliers et les organisations peuvent également partager des informations sur le réseau Tor avec des "services cachés .onion" sans compromettre leur vie privée. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title="Page d'accueil" }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Service onion" }
diff --git a/i18n/fr/android/distributions.md b/i18n/fr/android/distributions.md
index 840f9d08..dda55361 100644
--- a/i18n/fr/android/distributions.md
+++ b/i18n/fr/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/fr/android/general-apps.md b/i18n/fr/android/general-apps.md
index d35cb3db..474307fe 100644
--- a/i18n/fr/android/general-apps.md
+++ b/i18n/fr/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/fr/browser-extensions.md b/i18n/fr/browser-extensions.md
index 95de2d49..94e8777c 100644
--- a/i18n/fr/browser-extensions.md
+++ b/i18n/fr/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/fr/calendar.md b/i18n/fr/calendar.md
index 47fcc509..dffcecb0 100644
--- a/i18n/fr/calendar.md
+++ b/i18n/fr/calendar.md
@@ -5,6 +5,11 @@ description: Les calendriers contiennent certaines de vos données les plus sens
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Attaques passives](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fournisseurs de service](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/fr/cloud.md b/i18n/fr/cloud.md
index 2b2dcee9..bc60fe28 100644
--- a/i18n/fr/cloud.md
+++ b/i18n/fr/cloud.md
@@ -6,6 +6,11 @@ description: De nombreux fournisseurs de stockage cloud nécessitent que vous le
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Attaques passives](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fournisseurs de service](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. Les alternatives énumérées ci-dessous éliminent le besoin de confiance en mettant en œuvre un E2EE sécurisé.
Si ces alternatives ne répondent pas à vos besoins, nous vous suggérons d'utiliser un logiciel de chiffrement tel que [Cryptomator](encryption.md#cryptomator-cloud) avec un autre fournisseur de cloud. L'utilisation de Cryptomator en conjonction avec **tout** fournisseur de cloud (y compris ceux-ci) peut être une bonne idée pour réduire le risque de failles de chiffrement dans les clients natifs d'un fournisseur.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/fr/cryptocurrency.md b/i18n/fr/cryptocurrency.md
index 45b0b0c0..825e3800 100644
--- a/i18n/fr/cryptocurrency.md
+++ b/i18n/fr/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Surveillance de masse](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censure](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Effectuer des paiements en ligne est l'un des plus grands défis en matière de protection de la vie privée. Ces crypto-monnaies garantissent par défaut la confidentialité des transactions (ce qui n'est **pas** garanti par la majorité des crypto-monnaies), à condition que vous ayez une bonne compréhension de la façon d'effectuer des paiements privés de manière efficace. Nous vous encourageons vivement à lire notre article sur les paiements avant d'effectuer tout achat :
[Effectuer des paiements privés :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -20,9 +25,9 @@ De nombreux projets de crypto-monnaies, voire la plupart, sont des escroqueries.
-{ align=right }
+{ align=right }
-**Monero** utilise une chaîne de blocs avec des technologies de protection de la vie privée qui obscurcissent les transactions afin d'obtenir un anonymat. Chaque transaction Monero cache le montant de la transaction, les adresses d'envoi et de réception, ainsi que la source des fonds, sans aucune difficulté, ce qui en fait un choix idéal pour les novices en matière de crypto-monnaies.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Chaque transaction Monero cache le montant de la transaction, les adresses d'envoi et de réception, ainsi que la source des fonds, sans aucune difficulté, ce qui en fait un choix idéal pour les novices en matière de crypto-monnaies.
[:octicons-home-16: Page d'accueil](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/fr/desktop-browsers.md b/i18n/fr/desktop-browsers.md
index 62c4c863..108a3486 100644
--- a/i18n/fr/desktop-browsers.md
+++ b/i18n/fr/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalisme de surveillance](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Voici les **navigateurs internet** et configurations actuellement recommandés pour la navigation standard/non-anonyme. Nous recommandons [Mullvad Browser](#mullvad-browser) si vous recherchez des protections solides de la vie privée et une protection contre la capture des empreintes numériques, [Firefox](#firefox) pour les internautes occasionnels qui recherchent une bonne alternative à Google Chrome, et [Brave](#brave) si vous avez besoin d'une compatibilité avec le navigateur Chromium.
Si vous avez besoin de naviguer anonymement sur Internet, vous devriez plutôt utiliser [Tor](tor.md). Nous faisons quelques recommandations de configuration sur cette page, mais tous les navigateurs autres que Tor Browser seront traçables par *quelqu'un* d'une manière ou d'une autre.
@@ -65,9 +69,9 @@ Si vous avez besoin de naviguer anonymement sur Internet, vous devriez plutôt u
-{ align=right }
+{ align=right }
-Le **Navigateur Mullvad** est une version du [Navigateur Tor](tor.md#tor-browser) dont l'intégration au réseau Tor a été supprimée, visant à fournir les technologies de protection contre la capture des empreintes numériques du Navigateur Tor aux utilisateurs de VPN. Il est développé par le projet Tor et distribué par [Mullvad](vpn.md#mullvad), et n'exige **pas** l'utilisation du VPN de Mullvad.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. Il est développé par le projet Tor et distribué par [Mullvad](vpn.md#mullvad), et n'exige **pas** l'utilisation du VPN de Mullvad.
[:octicons-home-16: Page d'accueil](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Politique de confidentialité" }
diff --git a/i18n/fr/device-integrity.md b/i18n/fr/device-integrity.md
index 3f0faf43..9e87be4b 100644
--- a/i18n/fr/device-integrity.md
+++ b/i18n/fr/device-integrity.md
@@ -45,6 +45,10 @@ Ces outils fournissent une analyse basée sur les informations auxquelles ils on
## Outils de vérification externes
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automatise et vous guide de manière interactive tout au long du process
## Vérification sur l'appareil
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Il s'agit d'applications que vous pouvez installer et qui vérifient que votre appareil et votre système d'exploitation ne présentent pas de signes d'altération et qui valident l'identité de votre appareil.
@@ -181,6 +190,10 @@ Si votre [modèle de menace](basics/threat-modeling.md) nécessite une certaine
## Scanners embarqués
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Il s'agit d'applications que vous pouvez installer sur votre appareil et qui l'analysent pour détecter des signes de compromission.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. Il vérifie également que votre appareil ne présente pas d'indicateurs de compromission par des outils de jailbreak ou des logiciels espions tels que Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/fr/dns.md b/i18n/fr/dns.md
index e07179a7..a917f0d7 100644
--- a/i18n/fr/dns.md
+++ b/i18n/fr/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalisme de surveillance](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Les DNS chiffrés avec des serveurs tiers ne doivent être utilisés que pour contourner le [blocage DNS](https://en.wikipedia.org/wiki/DNS_blocking) de base lorsque vous pouvez être sûr qu'il n'y aura pas de conséquences. Le DNS chiffré ne vous aidera pas à dissimuler vos activités de navigation.
[En savoir plus sur les DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/fr/document-collaboration.md b/i18n/fr/document-collaboration.md
index 19a93455..0b1b3fd2 100644
--- a/i18n/fr/document-collaboration.md
+++ b/i18n/fr/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/fr/email-aliasing.md b/i18n/fr/email-aliasing.md
index ad0e7eea..5645be97 100644
--- a/i18n/fr/email-aliasing.md
+++ b/i18n/fr/email-aliasing.md
@@ -5,6 +5,11 @@ description: Un service d'alias d'adresses électroniques vous permet de génér
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. Les alias que vous générez sont ensuite transférés vers une adresse électronique de votre choix, masquant ainsi votre adresse électronique "principale" et l'identité de votre [fournisseur d'adresses électroniques](email.md). Un véritable alias d'adresse électronique est préférable à l'adressage plus couramment utilisé et pris en charge par de nombreux fournisseurs, qui vous permet de créer des alias du type "nom de famille+[n'importe où]@exemple.com", parce que les sites web, les annonceurs et les réseaux de suivi peuvent trivialement supprimer tout ce qui se trouve après le signe `+`. Des organisations telles que l'[IAB] (https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) exigent que les annonceurs [normalisent les adresses électroniques] (https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) afin qu'elles puissent être corrélées et suivies, sans tenir compte des souhaits des utilisateurs en matière de protection de la vie privée.
diff --git a/i18n/fr/encryption.md b/i18n/fr/encryption.md
index cd0512b8..b5b01d95 100644
--- a/i18n/fr/encryption.md
+++ b/i18n/fr/encryption.md
@@ -14,11 +14,15 @@ Les options répertoriées ici sont multiplateformes et parfaites pour créer de
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Attaques passives](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
-{ align=right }
+{ align=right }
-**Cryptomator** est une solution de chiffrement conçue pour enregistrer vos fichiers de manière privée vers n'importe quel fournisseur de cloud. Il vous permet de créer des coffres-forts qui sont stockés sur un disque virtuel, dont le contenu est chiffré et synchronisé avec votre fournisseur de stockage cloud.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. Il vous permet de créer des coffres-forts qui sont stockés sur un disque virtuel, dont le contenu est chiffré et synchronisé avec votre fournisseur de stockage cloud.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (Fichier)
+
Protects against the following threat(s):
+
+- [:material-target-account: Attaques ciblées](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disque)
+
Protects against the following threat(s):
+
+- [:material-target-account: Attaques ciblées](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt a été [audité un certain nombre de fois](https://fr.wikipedia.org/w
## Chiffrement complet du disque du système d'exploitation
+
Protects against the following threat(s):
+
+- [:material-target-account: Attaques ciblées](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Pour chiffrer le disque à partir duquel votre système d'exploitation démarre, nous recommandons généralement d'activer le logiciel de chiffrement fourni avec votre système d'exploitation plutôt que d'utiliser un outil tiers. En effet, les outils de chiffrement natifs de votre système d'exploitation utilisent souvent des fonctions spécifiques au système d'exploitation et au matériel, telles que le [cryptoprocesseur sécurisé](https://fr.wikipedia.org/wiki/Cryptoprocesseur_s%C3%A9curis%C3%A9) de votre appareil, pour protéger votre ordinateur contre des attaques physiques plus avancées. Pour les disques secondaires et les disques externes sur lesquels vous *ne démarrez pas*, nous recommandons toujours l'utilisation d'outils open-source tels que [VeraCrypt](#veracrypt-disk) plutôt que les outils ci-dessous, car ils offrent une flexibilité supplémentaire et vous permettent d'éviter l'enfermement dans un fournisseur.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Ligne de commande
+
Protects against the following threat(s):
+
+- [:material-target-account: Attaques ciblées](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Les outils dotés d'une interface de ligne de commande sont utiles pour intégrer des [scripts shell](https://fr.wikipedia.org/wiki/Script_shell).
### Kryptor
@@ -273,6 +293,12 @@ Les outils dotés d'une interface de ligne de commande sont utiles pour intégre
## OpenPGP
+
Protects against the following threat(s):
+
+- [:material-target-account: Attaques ciblées](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Attaques passives](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fournisseurs de service](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP est parfois nécessaire pour des tâches spécifiques telles que la signature numérique et le chiffrage des e-mails. PGP possède de nombreuses fonctionnalités et est [complexe](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) car il existe depuis longtemps. Pour des tâches telles que la signature ou le chiffrement des fichiers, nous suggérons les options ci-dessus.
Lorsque vous chiffrez avec PGP, vous avez la possibilité de configurer différentes options dans votre fichier `gpg.conf` . We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/fr/file-sharing.md b/i18n/fr/file-sharing.md
index 0291dcf5..b8c7f855 100644
--- a/i18n/fr/file-sharing.md
+++ b/i18n/fr/file-sharing.md
@@ -5,6 +5,10 @@ description: Découvrez comment partager vos fichiers en toute confidentialité
cover: file-sharing.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Fournisseurs de service](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Découvrez comment partager vos fichiers en toute confidentialité entre vos appareils, avec vos amis et votre famille, ou de manière anonyme en ligne.
## Partage de fichiers
@@ -37,9 +41,9 @@ ffsend upload --host https://send.vis.ee/ FICHIER
-{ align=right }
+{ align=right }
-**OnionShare** est un outil open-source qui vous permet de partager de manière sécurisée et anonyme un fichier de n'importe quelle taille. Il fonctionne en démarrant un serveur web accessible en tant que service oignon Tor, avec une URL non devinable que vous pouvez partager avec les destinataires pour télécharger ou envoyer des fichiers.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Il fonctionne en démarrant un serveur web accessible en tant que service oignon Tor, avec une URL non devinable que vous pouvez partager avec les destinataires pour télécharger ou envoyer des fichiers.
[:octicons-home-16: Page d'accueil](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Service onion" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FICHIER
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Critères
**Veuillez noter que nous ne sommes affiliés à aucun des projets que nous recommandons.** En plus de [nos critères de base](about/criteria.md), nous avons développé un ensemble d'exigences claires pour nous permettre de fournir des recommandations objectives. Nous vous suggérons de vous familiariser avec cette liste avant de choisir d'utiliser un projet, et de mener vos propres recherches pour vous assurer que c'est le bon choix pour vous.
diff --git a/i18n/fr/language-tools.md b/i18n/fr/language-tools.md
index 0a4fc0aa..4efaaaa2 100644
--- a/i18n/fr/language-tools.md
+++ b/i18n/fr/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/fr/mobile-browsers.md b/i18n/fr/mobile-browsers.md
index d153e570..07669135 100644
--- a/i18n/fr/mobile-browsers.md
+++ b/i18n/fr/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalisme de surveillance](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. Si vous avez besoin de naviguer anonymement sur Internet, vous devriez plutôt utiliser [Tor](tor.md).
## Android
diff --git a/i18n/fr/mobile-phones.md b/i18n/fr/mobile-phones.md
index 323b7f9b..69b6430b 100644
--- a/i18n/fr/mobile-phones.md
+++ b/i18n/fr/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/fr/multi-factor-authentication.md b/i18n/fr/multi-factor-authentication.md
index 36a0913d..1c12146f 100644
--- a/i18n/fr/multi-factor-authentication.md
+++ b/i18n/fr/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Attaques ciblées](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/fr/notebooks.md b/i18n/fr/notebooks.md
index db152ec9..d290d34d 100644
--- a/i18n/fr/notebooks.md
+++ b/i18n/fr/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Fournisseurs de service](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Gardez une trace de vos notes et de vos journaux sans les donner à un tiers.
Si vous utilisez actuellement une application comme Evernote, Google Keep, ou Microsoft OneNote, nous vous suggérons de choisir ici une alternative qui supporte le E2EE.
diff --git a/i18n/fr/os/ios-overview.md b/i18n/fr/os/ios-overview.md
index a1969b6d..6062f654 100644
--- a/i18n/fr/os/ios-overview.md
+++ b/i18n/fr/os/ios-overview.md
@@ -42,7 +42,7 @@ Vous pouvez également protéger vos données en limitant ce que vous synchronis
Un abonnement payant à **iCloud+** (avec n'importe quelle offre de stockage iCloud) est assorti de fonctionnalités de protection de la vie privée. Bien qu'elles puissent fournir un service adéquat aux clients actuels d'iCloud, nous ne recommanderions pas l'achat d'une offre iCloud+ plutôt qu'un [VPN](../vpn.md) et qu'un [service d'alias d'e-mail indépendant](../email-aliasing.md), rien que pour ces fonctionnalités.
-**Relai privé** est un service proxy qui relaie votre trafic Safari à travers deux serveurs : l'un appartenant à Apple et l'autre à un fournisseur tiers (notamment Akamai, Cloudflare et Fastly). En théorie, cela devrait empêcher tout fournisseur de la chaîne, y compris Apple, d'avoir une complète visibilité sur les sites web que vous visitez lorsque vous êtes connecté. Contrairement à un VPN complet, relai privé ne protège pas le trafic de vos applications en dehors de Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). En théorie, cela devrait empêcher tout fournisseur de la chaîne, y compris Apple, d'avoir une complète visibilité sur les sites web que vous visitez lorsque vous êtes connecté. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Masquer mon adresse e-mail** est le service d'alias de d'e-mail d'Apple. Vous pouvez créer un alias d'e-mail gratuitement lorsque vous faite *Se connecter avec Apple* sur un site web ou une application, ou générer un nombre illimité d'alias à la demande avec une offre iCloud+ payante. Masque mon adresse e-mail a l'avantage d'utiliser le domaine `@icloud.com` pour ses alias, ce qui peut être moins susceptible d'être bloqué par rapport à d'autres services d'alias d'email, mais n'offre pas de fonctionnalité offerte par des services indépendants tels que le chiffrement PGP automatique ou la prise en charge de plusieurs boîtes aux lettres.
diff --git a/i18n/fr/passwords.md b/i18n/fr/passwords.md
index 19540a39..03982e85 100644
--- a/i18n/fr/passwords.md
+++ b/i18n/fr/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Attaques ciblées](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Attaques passives](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fournisseurs de service](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Les **gestionnaires de mots de passe** vous permettent de stocker et de gérer en toute sécurité des mots de passe et autres identifiants à l'aide d'un mot de passe maître.
[Introduction aux mots de passe :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/fr/photo-management.md b/i18n/fr/photo-management.md
index d1e57657..15574673 100644
--- a/i18n/fr/photo-management.md
+++ b/i18n/fr/photo-management.md
@@ -5,6 +5,11 @@ description: Outils de gestion des photos pour protéger vos photos personnelles
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. Ces options préservent la confidentialité de vos photos personnelles, tout en vous permettant de ne les partager qu'avec votre famille et des personnes de confiance.
## Ente Photos
diff --git a/i18n/fr/real-time-communication.md b/i18n/fr/real-time-communication.md
index f313e422..38282149 100644
--- a/i18n/fr/real-time-communication.md
+++ b/i18n/fr/real-time-communication.md
@@ -6,6 +6,13 @@ description: Les autres messageries instantanées mettent toutes vos conversatio
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Attaques passives](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fournisseurs de service](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Surveillance de masse](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Capitalisme de surveillance](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types de réseaux de communication :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -65,9 +72,9 @@ Nous avons quelques conseils supplémentaires pour configurer et renforcer votre
-{ align=right }
+{ align=right }
-**SimpleX** Chat est une messagerie instantanée décentralisée qui ne dépend d'aucun identifiant unique tel qu'un numéro de téléphone ou un nom d'utilisateur. Les utilisateurs de SimpleX Chat peuvent scanner un code QR ou cliquer sur un lien d'invitation pour participer à des conversations de groupe.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Les utilisateurs de SimpleX Chat peuvent scanner un code QR ou cliquer sur un lien d'invitation pour participer à des conversations de groupe.
[:octicons-home-16: Page d'accueil](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Politique de confidentialité" }
@@ -98,7 +105,7 @@ SimpleX Chat prend en charge les fonctionnalités de base des conversations de g
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar peut également se connecter par Wi-Fi ou Bluetooth lorsqu'il se trouve à proximité. Le mode de maillage local de Briar peut être utile lorsque la disponibilité d’internet pose problème.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar peut également se connecter par Wi-Fi ou Bluetooth lorsqu'il se trouve à proximité. Le mode de maillage local de Briar peut être utile lorsque la disponibilité d’internet pose problème.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/fr/security-keys.md b/i18n/fr/security-keys.md
index da475afb..ff09f7ba 100644
--- a/i18n/fr/security-keys.md
+++ b/i18n/fr/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/fr/tools.md b/i18n/fr/tools.md
index fc60f8b2..1a04c289 100644
--- a/i18n/fr/tools.md
+++ b/i18n/fr/tools.md
@@ -31,6 +31,15 @@ Pour avoir plus de détails sur chaque projet, pour savoir pourquoi ils ont ét
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/fr/tor.md b/i18n/fr/tor.md
index bdd16714..3636c01e 100644
--- a/i18n/fr/tor.md
+++ b/i18n/fr/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Capitalisme de surveillance](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Surveillance de masse](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censure](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** est un groupe de serveurs gérés par des bénévoles qui vous permet de vous connecter gratuitement et d'améliorer votre confidentialité et votre sécurité sur Internet. Les particuliers et les organisations peuvent également partager des informations sur le réseau Tor avec des "services cachés .onion" sans compromettre leur vie privée. Parce que le trafic Tor est difficile à bloquer et à tracer, Tor est un outil efficace pour contourner la censure.
[Introduction détaillée de Tor :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Avant de vous connecter à Tor, assurez-vous d'avoir lu notre [introduction](adv
-Il existe plusieurs façons de se connecter au réseau Tor à partir de votre appareil, la plus utilisée étant le **Navigateur Tor**, un fork de Firefox conçu pour la navigation anonyme sur les ordinateurs de bureau et Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Certaines de ces applications sont meilleures que d'autres et, une fois encore, la décision dépend de votre modèle de menace. Si vous êtes un utilisateur occasionnel de Tor et que vous ne craignez pas que votre FAI collecte des preuves contre vous, l'utilisation d'applications comme [Orbot](#orbot) ou de navigateurs mobiles pour accéder au réseau Tor est probablement suffisante. L'augmentation du nombre de personnes qui utilisent Tor au quotidien permet de réduire la mauvaise image de Tor et de diminuer la qualité des "listes d'utilisateurs de Tor" que les FAIs et les gouvernements peuvent compiler.
-Si un anonymat plus complet est primordial dans votre situation, vous devriez **uniquement** utiliser le client bureau du Navigateur Tor, idéalement dans une configuration [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os). Les navigateurs mobiles sont moins courants sur Tor (et donc plus facilement identifiables), et d'autres configurations ne sont pas aussi rigoureusement testées contre la désanonymisation.
+Si un anonymat plus complet est primordial dans votre situation, vous devriez **uniquement** utiliser le client bureau du Navigateur Tor, idéalement dans une configuration [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os). Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Navigateur Tor
diff --git a/i18n/fr/vpn.md b/i18n/fr/vpn.md
index 8e3e8865..a2d61fa2 100644
--- a/i18n/fr/vpn.md
+++ b/i18n/fr/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalisme de surveillance](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/he/alternative-networks.md b/i18n/he/alternative-networks.md
index d81e5e43..3db3b72a 100644
--- a/i18n/he/alternative-networks.md
+++ b/i18n/he/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. אנשים וארגונים יכולים גם לשתף מידע על גבי רשת Tor עם ".onion hidden services" מבלי לפגוע בפרטיותם. מכיוון שקשה לחסום ולעקוב אחר תעבורת Tor, Tor הוא כלי יעיל לעקוף צנזורה.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. אנשים וארגונים יכולים גם לשתף מידע על גבי רשת Tor עם ".onion hidden services" מבלי לפגוע בפרטיותם. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/he/android/distributions.md b/i18n/he/android/distributions.md
index a4a7c613..f96ff3fd 100644
--- a/i18n/he/android/distributions.md
+++ b/i18n/he/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/he/android/general-apps.md b/i18n/he/android/general-apps.md
index 8047a9a4..5c90c0f7 100644
--- a/i18n/he/android/general-apps.md
+++ b/i18n/he/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/he/browser-extensions.md b/i18n/he/browser-extensions.md
index 00ae44ac..078fd0f8 100644
--- a/i18n/he/browser-extensions.md
+++ b/i18n/he/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/he/calendar.md b/i18n/he/calendar.md
index 112bf118..5db8e0f3 100644
--- a/i18n/he/calendar.md
+++ b/i18n/he/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: התקפות פסיביות](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: ספקי שירות](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/he/cloud.md b/i18n/he/cloud.md
index 39a9da0e..2e30ed50 100644
--- a/i18n/he/cloud.md
+++ b/i18n/he/cloud.md
@@ -6,6 +6,11 @@ description: ספקי אחסון בענן רבים דורשים את האמון
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: התקפות פסיביות](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: ספקי שירות](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. החלופות המפורטות להלן מבטלות את הצורך באמון על ידי הטמעת E2EE מאובטחת.
אם חלופות אלה אינן מתאימות לצרכים שלך, אנו מציעים לך לבדוק שימוש בתוכנת הצפנה כמו [Cryptomator](encryption.md#cryptomator-cloud) עם ספק ענן אחר. שימוש ב-Cryptomator בשילוב עם **כל** ספק ענן (כולל אלה) עשוי להיות רעיון טוב כדי להפחית את הסיכון לפגמי הצפנה אצל הלקוחות המקומיים של הספק.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/he/cryptocurrency.md b/i18n/he/cryptocurrency.md
index 17ca2f30..062899d1 100644
--- a/i18n/he/cryptocurrency.md
+++ b/i18n/he/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: מעקב המוני](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: צנזורה](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
ביצוע תשלומים אונליין הוא אחד האתגרים הגדולים ביותר לפרטיות. מטבעות קריפטוגרפיים אלו מספקים פרטיות עסקאות כברירת מחדל (דבר ש**לא** מובטח על ידי רוב מטבעות הקריפטו), בתנאי שיש לך הבנה טובה כיצד לבצע תשלומים פרטיים ביעילות. אנו ממליצים בחום שתקרא תחילה את מאמר סקירת התשלומים שלנו לפני ביצוע רכישות כלשהן:
[ביצוע תשלומים פרטיים :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -20,9 +25,9 @@ cover: cryptocurrency.webp
-{ align=right }
+{ align=right }
-**Monero** משתמש בבלוקצ'יין עם טכנולוגיות משפרות פרטיות המטשטשות עסקאות כדי להשיג אנונימיות. כל עסקת Monero מסתירה את סכום העסקה, כתובות שליחה וקבלה, ומקור הכספים ללא שום חישוקים לדלג דרכם, מה שהופך אותה לבחירה אידיאלית עבור טירוני מטבעות קריפטוגרפיים.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. כל עסקת Monero מסתירה את סכום העסקה, כתובות שליחה וקבלה, ומקור הכספים ללא שום חישוקים לדלג דרכם, מה שהופך אותה לבחירה אידיאלית עבור טירוני מטבעות קריפטוגרפיים.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/he/desktop-browsers.md b/i18n/he/desktop-browsers.md
index 403409dd..bd1c1285 100644
--- a/i18n/he/desktop-browsers.md
+++ b/i18n/he/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: קפיטליזם מעקב](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. אנו ממליצים על [Mullvad Browser](#mullvad-browser) אם אתה מתמקד בהגנת פרטיות חזקה ואנטי-טביעת אצבע מהקופסה, [Firefox](#firefox) עבור דפדפני אינטרנט מזדמנים המחפשים אלטרנטיבה טובה ל-Google Chrome, ו-[Brave](#brave) אם אתה צריך תאימות לדפדפן Chromium.
אם אתה צריך לגלוש באינטרנט באופן אנונימי, אתה צריך להשתמש [Tor](tor.md) במקום. אנו מציעים כמה המלצות תצורה בדף זה, אך כל הדפדפנים מלבד דפדפן Tor יהיו ניתנים למעקב על ידי *מישהו* בצורה כזו או אחרת.
@@ -65,9 +69,9 @@ These are our currently recommended **desktop web browsers** and configurations
-{ align=right }
+{ align=right }
-**Mullvad Browser** הוא גרסה של [דפדפן Tor](tor.md#tor-browser) עם שילובי רשת Tor שהוסרו, שמטרתה לספק את טכנולוגיות הדפדפן נגד טביעת אצבע של Tor Browser למשתמשי VPN. הוא פותח על ידי Tor Project ומופץ על ידי [Mullvad](vpn.md#mullvad), ו**לא** דורש שימוש ב-VPN של Mullvad.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. הוא פותח על ידי Tor Project ומופץ על ידי [Mullvad](vpn.md#mullvad), ו**לא** דורש שימוש ב-VPN של Mullvad.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/he/device-integrity.md b/i18n/he/device-integrity.md
index e0b6c7a9..bde319d8 100644
--- a/i18n/he/device-integrity.md
+++ b/i18n/he/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/he/dns.md b/i18n/he/dns.md
index 39dbc541..47ac3b7a 100644
--- a/i18n/he/dns.md
+++ b/i18n/he/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: קפיטליזם מעקב](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
יש להשתמש ב-DNS מוצפן עם שרתי צד שלישי רק כדי לעקוף [חסימת DNS](https://en.wikipedia.org/wiki/DNS_blocking) בסיסית כאשר אתה יכול להיות בטוח שלא יהיו השלכות. DNS מוצפן לא יעזור לך להסתיר את פעילות הגלישה שלך.
[למד עוד :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/he/document-collaboration.md b/i18n/he/document-collaboration.md
index 87097d70..17b63e5a 100644
--- a/i18n/he/document-collaboration.md
+++ b/i18n/he/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/he/email-aliasing.md b/i18n/he/email-aliasing.md
index bb868639..a5cae81d 100644
--- a/i18n/he/email-aliasing.md
+++ b/i18n/he/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/he/encryption.md b/i18n/he/encryption.md
index 84faeee6..f7af3a13 100644
--- a/i18n/he/encryption.md
+++ b/i18n/he/encryption.md
@@ -14,11 +14,15 @@ cover: encryption.webp
### Cryptomator (ענן)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: התקפות פסיביות](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
-{ align=right }
+{ align=right }
-**Cryptomator** הוא פתרון הצפנה המיועד לשמירה פרטית של קבצים לכל ספק ענן. הוא מאפשר לך ליצור כספות המאוחסנות בכונן וירטואלי, שתוכנן מוצפן ומסונכרן עם ספק אחסון הענן שלך.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. הוא מאפשר לך ליצור כספות המאוחסנות בכונן וירטואלי, שתוכנן מוצפן ומסונכרן עם ספק אחסון הענן שלך.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (קובץ)
+
Protects against the following threat(s):
+
+- [:material-target-account: התקפות ממוקדות](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (דיסק)
+
Protects against the following threat(s):
+
+- [:material-target-account: התקפות ממוקדות](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt [נבדק מספר פעמים](https://en.wikipedia.org/wiki/TrueCrypt
## הצפנת דיסק מלא של מערכת ההפעלה
+
Protects against the following threat(s):
+
+- [:material-target-account: התקפות ממוקדות](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
להצפנת הכונן שמערכת ההפעלה שלך מאתחלת ממנו, אנו ממליצים בדרך כלל להפעיל את תוכנת ההצפנה שמגיעה עם מערכת ההפעלה שלך במקום להשתמש בכלי של צד שלישי. הסיבה לכך היא שכלי ההצפנה המקוריים של מערכת ההפעלה שלך עושים לעתים קרובות שימוש בתכונות ספציפיות למערכת ההפעלה ולחומרה כמו [מעבד ההצפנה המאובטח](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) במכשיר שלך כדי להגן על המחשב שלך מפני התקפות פיזיות מתקדמות יותר. עבור כוננים משניים וכוננים חיצוניים שאתה *אינך* מאתחל מהם, אנו עדיין ממליצים להשתמש בכלי קוד פתוח כמו [VeraCrypt](#veracrypt-disk) על הכלים שלהלן, מכיוון שהם מציעים גמישות נוספת ומאפשרים לך להימנע מנעילת ספקים.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## שורת הפקודה
+
Protects against the following threat(s):
+
+- [:material-target-account: התקפות ממוקדות](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
כלים עם ממשקי שורת פקודה שימושיים לשילוב [סקריפטים של מעטפת](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## OpenPGP
+
Protects against the following threat(s):
+
+- [:material-target-account: התקפות ממוקדות](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: התקפות פסיביות](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: ספקי שירות](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
לעתים יש צורך ב-OpenPGP עבור משימות ספציפיות כמו חתימה דיגיטלית והצפנת דואר אלקטרוני. ל-PGP תכונות רבות והוא [מורכב](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) כפי שהוא קיים זמן רב. עבור משימות כגון חתימה או הצפנה של קבצים, אנו מציעים את האפשרויות לעיל.
בעת הצפנה באמצעות PGP, יש לך אפשרות להגדיר אפשרויות שונות בקובץ `gpg.conf` שלך. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/he/file-sharing.md b/i18n/he/file-sharing.md
index a1a12da4..c04bbe9e 100644
--- a/i18n/he/file-sharing.md
+++ b/i18n/he/file-sharing.md
@@ -5,6 +5,10 @@ description: גלה כיצד לשתף את הקבצים שלך באופן פרט
cover: file-sharing.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: ספקי שירות](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
גלה כיצד לשתף את הקבצים שלך באופן פרטי בין המכשירים שלך, עם החברים והמשפחה שלך, או באופן אנונימי באינטרנט.
## שיתוף קבצים
@@ -37,9 +41,9 @@ ffsend upload -- host https://send.vis.ee/ FILE
-{ align=right }
+{ align=right }
-**OnionShare** הוא כלי קוד פתוח המאפשר לך לשתף בצורה מאובטחת ואנונימית קובץ בכל גודל. זה עובד על ידי הפעלת שרת אינטרנט נגיש כשירות Tor onion, עם כתובת URL בלתי ניתנת לניחוש שתוכל לשתף עם הנמענים כדי להוריד או לשלוח קבצים.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. זה עובד על ידי הפעלת שרת אינטרנט נגיש כשירות Tor onion, עם כתובת URL בלתי ניתנת לניחוש שתוכל לשתף עם הנמענים כדי להוריד או לשלוח קבצים.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload -- host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### קריטריונים
**שים לב שאיננו קשורים לאף אחד מהפרויקטים שאנו ממליצים עליהם.** בנוסף ל [הקריטריונים הסטנדרטיים שלנו](about/criteria.md), פיתחנו סט ברור של דרישות כדי לאפשר לנו לספק המלצות אובייקטיביות. אנו מציעים לך להכיר את הרשימה הזו לפני שתבחר להשתמש בפרויקט, ולערוך מחקר משלך כדי להבטיח שזו הבחירה הנכונה עבורך.
diff --git a/i18n/he/language-tools.md b/i18n/he/language-tools.md
index 0165fd76..ec7403dd 100644
--- a/i18n/he/language-tools.md
+++ b/i18n/he/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/he/mobile-browsers.md b/i18n/he/mobile-browsers.md
index cb6b39b6..dc708b01 100644
--- a/i18n/he/mobile-browsers.md
+++ b/i18n/he/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: קפיטליזם מעקב](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. אם אתה צריך לגלוש באינטרנט באופן אנונימי, אתה צריך להשתמש [Tor](tor.md) במקום.
## אנדרואיד
diff --git a/i18n/he/mobile-phones.md b/i18n/he/mobile-phones.md
index a8b41862..47aa836e 100644
--- a/i18n/he/mobile-phones.md
+++ b/i18n/he/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/he/multi-factor-authentication.md b/i18n/he/multi-factor-authentication.md
index b2d11869..bc5c378a 100644
--- a/i18n/he/multi-factor-authentication.md
+++ b/i18n/he/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: התקפות ממוקדות](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/he/notebooks.md b/i18n/he/notebooks.md
index eb7b24ca..a658cd20 100644
--- a/i18n/he/notebooks.md
+++ b/i18n/he/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: ספקי שירות](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
עקוב אחר ההערות והיומנים שלך מבלי למסור אותם לצד שלישי.
אם אתה משתמש כעת באפליקציה כמו Evernote, Google Keep או Microsoft OneNote, אנו מציעים שתבחר כאן חלופה שתומכת ב-E2EE.
diff --git a/i18n/he/os/ios-overview.md b/i18n/he/os/ios-overview.md
index 130ec90e..b03e9d9d 100644
--- a/i18n/he/os/ios-overview.md
+++ b/i18n/he/os/ios-overview.md
@@ -42,7 +42,7 @@ iOS devices are frequently praised by security experts for their robust data pro
מנוי **iCloud+** בתשלום (עם כל תוכנית אחסון של iCloud) מגיע עם פונקציונליות מסוימת להגנה על הפרטיות. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**ממסר פרטי** הוא שירות פרוקסי המעביר את תעבורת הספארי שלך דרך שני שרתים: אחד בבעלות אפל ואחד בבעלות ספק צד שלישי (כולל Akamai, Cloudflare ו-Fastly). בתיאוריה זה אמור למנוע מכל ספק בודד בשרשרת - כולל אפל - לקבל ראות מלאה באילו אתרים אתה מבקר בזמן שאתה מחובר. בניגוד ל-VPN מלא, Private Relay אינו מגן על תעבורה מהאפליקציות שלך מחוץ ל-Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). בתיאוריה זה אמור למנוע מכל ספק בודד בשרשרת - כולל אפל - לקבל ראות מלאה באילו אתרים אתה מבקר בזמן שאתה מחובר. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**הסתר את האימייל שלי** הוא שירות כינוי האימייל של אפל. אתה יכול ליצור כינוי אימייל בחינם כשאתה *נכנס עם Apple* באתר או באפליקציה, או יוצר כינויים ללא הגבלה לפי דרישה עם תוכנית iCloud+ בתשלום. Hide My Email יש את היתרון בשימוש בדומיין `@icloud.com` עבור הכינויים שלו, אשר עשוי להיות פחות סביר שייחסם בהשוואה לשירותי כינוי דוא"ל אחרים, אך אינו מציע פונקציונליות המוצעת על ידי שירותים עצמאיים כגון כהצפנת PGP אוטומטית או תמיכה במספר תיבות דואר.
diff --git a/i18n/he/passwords.md b/i18n/he/passwords.md
index e5c6a0b9..52d164b3 100644
--- a/i18n/he/passwords.md
+++ b/i18n/he/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: התקפות ממוקדות](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: התקפות פסיביות](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: ספקי שירות](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[מבוא לסיסמאות :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/he/photo-management.md b/i18n/he/photo-management.md
index e665dd8d..dca2d038 100644
--- a/i18n/he/photo-management.md
+++ b/i18n/he/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/he/real-time-communication.md b/i18n/he/real-time-communication.md
index 5dae8d2f..c48bbdba 100644
--- a/i18n/he/real-time-communication.md
+++ b/i18n/he/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: התקפות פסיביות](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: ספקי שירות](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: מעקב המוני](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: קפיטליזם מעקב](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[סוגי רשתות תקשורת :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -65,9 +72,9 @@ Contact lists on Signal are encrypted using your Signal PIN and the server does
-{ align=right }
+{ align=right }
-**SimpleX** Chat הוא מסנג'ר מיידי מבוזר ואינו תלוי במזהים ייחודיים כגון מספרי טלפון או שמות משתמש. משתמשי SimpleX Chat יכולים לסרוק קוד QR או ללחוץ על קישור הזמנה כדי להשתתף בשיחות קבוצתיות.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. משתמשי SimpleX Chat יכולים לסרוק קוד QR או ללחוץ על קישור הזמנה כדי להשתתף בשיחות קבוצתיות.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat תומך בפונקציונליות בסיסית של צ'אט קב
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar יכול גם להתחבר באמצעות Wi-Fi או Bluetooth כאשר הוא נמצא בקרבה מקומית. מצב הרשת המקומי של Briar יכול להיות שימושי כאשר זמינות האינטרנט היא בעיה.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar יכול גם להתחבר באמצעות Wi-Fi או Bluetooth כאשר הוא נמצא בקרבה מקומית. מצב הרשת המקומי של Briar יכול להיות שימושי כאשר זמינות האינטרנט היא בעיה.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/he/security-keys.md b/i18n/he/security-keys.md
index 524e705a..b4b2be48 100644
--- a/i18n/he/security-keys.md
+++ b/i18n/he/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/he/tools.md b/i18n/he/tools.md
index c175dafc..50973a0c 100644
--- a/i18n/he/tools.md
+++ b/i18n/he/tools.md
@@ -31,6 +31,15 @@ If you want assistance figuring out the best privacy tools and alternative progr
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/he/tor.md b/i18n/he/tor.md
index 8cfe45ce..fde331e0 100644
--- a/i18n/he/tor.md
+++ b/i18n/he/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: קפיטליזם מעקב](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: מעקב המוני](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: צנזורה](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. אנשים וארגונים יכולים גם לשתף מידע על גבי רשת Tor עם ".onion hidden services" מבלי לפגוע בפרטיותם. מכיוון שקשה לחסום ולעקוב אחר תעבורת Tor, Tor הוא כלי יעיל לעקוף צנזורה.
[סקירת Tor מפורטת :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-ישנן מגוון דרכים שלך להתחבר לרשת Tor מהמכשיר, הנפוץ ביותר הוא דפדפן **Tor**, נגזרת של Firefox המיועד לגלישה אנונימית למחשבים שולחניים ואנדרואיד.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## דפדפן Tor
diff --git a/i18n/he/vpn.md b/i18n/he/vpn.md
index 6fef05c1..36407581 100644
--- a/i18n/he/vpn.md
+++ b/i18n/he/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: קפיטליזם מעקב](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/hi/alternative-networks.md b/i18n/hi/alternative-networks.md
index 79017cee..4c8a6e25 100644
--- a/i18n/hi/alternative-networks.md
+++ b/i18n/hi/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/hi/android/distributions.md b/i18n/hi/android/distributions.md
index 339587be..c3c27e85 100644
--- a/i18n/hi/android/distributions.md
+++ b/i18n/hi/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/hi/android/general-apps.md b/i18n/hi/android/general-apps.md
index d13deac9..e3221737 100644
--- a/i18n/hi/android/general-apps.md
+++ b/i18n/hi/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/hi/browser-extensions.md b/i18n/hi/browser-extensions.md
index d5644115..f0a2bf5b 100644
--- a/i18n/hi/browser-extensions.md
+++ b/i18n/hi/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/hi/calendar.md b/i18n/hi/calendar.md
index edcd57b4..e44bf1ee 100644
--- a/i18n/hi/calendar.md
+++ b/i18n/hi/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/hi/cloud.md b/i18n/hi/cloud.md
index 1b691f08..42467f65 100644
--- a/i18n/hi/cloud.md
+++ b/i18n/hi/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/hi/cryptocurrency.md b/i18n/hi/cryptocurrency.md
index 2fd5ccf5..348e2546 100644
--- a/i18n/hi/cryptocurrency.md
+++ b/i18n/hi/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/hi/desktop-browsers.md b/i18n/hi/desktop-browsers.md
index ec7094f4..b74767bc 100644
--- a/i18n/hi/desktop-browsers.md
+++ b/i18n/hi/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. We recommend [Mullvad Browser](#mullvad-browser) if you are focused on strong privacy protections and anti-fingerprinting out of the box, [Firefox](#firefox) for casual internet browsers looking for a good alternative to Google Chrome, and [Brave](#brave) if you need Chromium browser compatibility.
If you need to browse the internet anonymously, you should use [Tor](tor.md) instead. We make some configuration recommendations on this page, but all browsers other than Tor Browser will be traceable by *somebody* in some manner or another.
@@ -67,7 +71,7 @@ If you need to browse the internet anonymously, you should use [Tor](tor.md) ins
{ align=right }
-**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed, aimed at providing Tor Browser's anti-fingerprinting browser technologies to VPN users. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/hi/device-integrity.md b/i18n/hi/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/hi/device-integrity.md
+++ b/i18n/hi/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/hi/dns.md b/i18n/hi/dns.md
index 0a7a804f..7846363c 100644
--- a/i18n/hi/dns.md
+++ b/i18n/hi/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Encrypted DNS with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. Encrypted DNS will not help you hide any of your browsing activity.
[Learn more about DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/hi/document-collaboration.md b/i18n/hi/document-collaboration.md
index 4f7ed135..9bf30ec2 100644
--- a/i18n/hi/document-collaboration.md
+++ b/i18n/hi/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/hi/email-aliasing.md b/i18n/hi/email-aliasing.md
index 2b447982..c2f4c549 100644
--- a/i18n/hi/email-aliasing.md
+++ b/i18n/hi/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/hi/encryption.md b/i18n/hi/encryption.md
index da9ff73b..4e15e295 100644
--- a/i18n/hi/encryption.md
+++ b/i18n/hi/encryption.md
@@ -14,11 +14,15 @@ The options listed here are multi-platform and great for creating encrypted back
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/hi/file-sharing.md b/i18n/hi/file-sharing.md
index cfe78654..65d61df7 100644
--- a/i18n/hi/file-sharing.md
+++ b/i18n/hi/file-sharing.md
@@ -5,6 +5,10 @@ description: Discover how to privately share your files between your devices, wi
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
## File Sharing
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/hi/language-tools.md b/i18n/hi/language-tools.md
index 1f6f756c..b69f9ff1 100644
--- a/i18n/hi/language-tools.md
+++ b/i18n/hi/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/hi/mobile-browsers.md b/i18n/hi/mobile-browsers.md
index 1fdcb7a1..82ebedc0 100644
--- a/i18n/hi/mobile-browsers.md
+++ b/i18n/hi/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead.
## Android
diff --git a/i18n/hi/mobile-phones.md b/i18n/hi/mobile-phones.md
index 05d9bc84..c65b0814 100644
--- a/i18n/hi/mobile-phones.md
+++ b/i18n/hi/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/hi/multi-factor-authentication.md b/i18n/hi/multi-factor-authentication.md
index 6155ae93..87185132 100644
--- a/i18n/hi/multi-factor-authentication.md
+++ b/i18n/hi/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/hi/notebooks.md b/i18n/hi/notebooks.md
index d450ba8b..27e9eada 100644
--- a/i18n/hi/notebooks.md
+++ b/i18n/hi/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Keep track of your notes and journalings without giving them to a third-party.
If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports E2EE.
diff --git a/i18n/hi/os/ios-overview.md b/i18n/hi/os/ios-overview.md
index b0935919..0100a6f3 100644
--- a/i18n/hi/os/ios-overview.md
+++ b/i18n/hi/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/hi/passwords.md b/i18n/hi/passwords.md
index d86cbfb0..c4cb82c1 100644
--- a/i18n/hi/passwords.md
+++ b/i18n/hi/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/hi/photo-management.md b/i18n/hi/photo-management.md
index 89f3a7d0..c526c59a 100644
--- a/i18n/hi/photo-management.md
+++ b/i18n/hi/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/hi/real-time-communication.md b/i18n/hi/real-time-communication.md
index 4bd1f966..4194f9c2 100644
--- a/i18n/hi/real-time-communication.md
+++ b/i18n/hi/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/hi/security-keys.md b/i18n/hi/security-keys.md
index 4c60d2c0..5fb71cc3 100644
--- a/i18n/hi/security-keys.md
+++ b/i18n/hi/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/hi/tools.md b/i18n/hi/tools.md
index 42932575..52a3d3d3 100644
--- a/i18n/hi/tools.md
+++ b/i18n/hi/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/hi/tor.md b/i18n/hi/tor.md
index 0f82d89f..5b2163c2 100644
--- a/i18n/hi/tor.md
+++ b/i18n/hi/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
[Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/hi/vpn.md b/i18n/hi/vpn.md
index 952e2952..9a192acf 100644
--- a/i18n/hi/vpn.md
+++ b/i18n/hi/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/hu/alternative-networks.md b/i18n/hu/alternative-networks.md
index 03e60edb..437d8718 100644
--- a/i18n/hu/alternative-networks.md
+++ b/i18n/hu/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. A magánszemélyek és szervezetek a Tor-hálózaton keresztül a ".onion rejtett szolgáltatásokkal" is megoszthatnak információkat anélkül, hogy veszélyeztetnék a magánéletüket. Mivel a Tor forgalmat nehéz blokkolni és nyomon követni, a Tor hatékony eszköz a cenzúra megkerülésére.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. A magánszemélyek és szervezetek a Tor-hálózaton keresztül a ".onion rejtett szolgáltatásokkal" is megoszthatnak információkat anélkül, hogy veszélyeztetnék a magánéletüket. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/hu/android/distributions.md b/i18n/hu/android/distributions.md
index 71a82737..63b41010 100644
--- a/i18n/hu/android/distributions.md
+++ b/i18n/hu/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/hu/android/general-apps.md b/i18n/hu/android/general-apps.md
index d73ccbf0..e74d81bb 100644
--- a/i18n/hu/android/general-apps.md
+++ b/i18n/hu/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/hu/browser-extensions.md b/i18n/hu/browser-extensions.md
index 13126350..f53fa84f 100644
--- a/i18n/hu/browser-extensions.md
+++ b/i18n/hu/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/hu/calendar.md b/i18n/hu/calendar.md
index d75106c8..1ddaa170 100644
--- a/i18n/hu/calendar.md
+++ b/i18n/hu/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/hu/cloud.md b/i18n/hu/cloud.md
index de87c685..a61945e5 100644
--- a/i18n/hu/cloud.md
+++ b/i18n/hu/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/hu/cryptocurrency.md b/i18n/hu/cryptocurrency.md
index 308b577f..67bbd2ad 100644
--- a/i18n/hu/cryptocurrency.md
+++ b/i18n/hu/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/hu/desktop-browsers.md b/i18n/hu/desktop-browsers.md
index f3181c87..23783e6f 100644
--- a/i18n/hu/desktop-browsers.md
+++ b/i18n/hu/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. A [Mullvad Böngészőt](#mullvad-browser) ajánljuk, ha kiemelten fontos számodra az erős adatvédelem és az alapértelmezett ujjlenyomat-védelem, a [Firefox](#firefox)-ot azoknak ajánljuk, akik jó alternatívát keresnek a Google Chrome-hoz, és csak hétköznapi internetezők. A [Brave](#brave)-et pedig akkor, ha szükséged van a Chromium böngésző kompatibilitására.
Ha névtelenül szeretnél böngészni az interneten, használd inkább a [Tor](tor.md) szolgáltatást. Ezen az oldalon teszünk néhány konfigurációs ajánlást, de a Tor Böngésző kivételével minden más böngésző *lekövehtető* valamilyen módon.
@@ -67,8 +71,7 @@ Ha névtelenül szeretnél böngészni az interneten, használd inkább a [Tor](
{ align=right }
-
-A **Mullvad Böngésző** egy verziója a [Tor Böngésző](tor.md#tor-browser)nek, amelyből a Tor hálózati integrációkat eltávolították, célja pedig az, hogy a Tor Böngésző ujjlenyomat-védelmi böngészőtechnológiáit VPN-felhasználók számára is elérhetővé tegye. A böngészőt a Tor Project fejlesztette és a [Mullvad](vpn.md#mullvad) terjeszti, és **nem** igényli a Mullvad VPN használatát.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. A böngészőt a Tor Project fejlesztette és a [Mullvad](vpn.md#mullvad) terjeszti, és **nem** igényli a Mullvad VPN használatát.
[:octicons-home-16: Honlap](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Adatvédelmi tájékoztató" }
diff --git a/i18n/hu/device-integrity.md b/i18n/hu/device-integrity.md
index 81909171..c422f09b 100644
--- a/i18n/hu/device-integrity.md
+++ b/i18n/hu/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/hu/dns.md b/i18n/hu/dns.md
index cdd76950..6be305d2 100644
--- a/i18n/hu/dns.md
+++ b/i18n/hu/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Titkosított DNS-t harmadik féltől származó szerverekkel csak alapvető [DNS-blokkolás](https://en.wikipedia.org/wiki/DNS_blocking) megkerülésére kellene használni, ha biztos vagy benne, hogy annak nem lesz semmilyen következménye. A titkosított DNS nem fog segíteni elrejteni a böngészési tevékenységedet.
[További Információk a DNS-ről :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/hu/document-collaboration.md b/i18n/hu/document-collaboration.md
index 34fa5dba..aedcc63a 100644
--- a/i18n/hu/document-collaboration.md
+++ b/i18n/hu/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/hu/email-aliasing.md b/i18n/hu/email-aliasing.md
index 9dce7250..d6384b52 100644
--- a/i18n/hu/email-aliasing.md
+++ b/i18n/hu/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/hu/encryption.md b/i18n/hu/encryption.md
index f218397f..1bed6849 100644
--- a/i18n/hu/encryption.md
+++ b/i18n/hu/encryption.md
@@ -14,11 +14,15 @@ The options listed here are multi-platform and great for creating encrypted back
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Parancssor
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/hu/file-sharing.md b/i18n/hu/file-sharing.md
index 303fa016..7d84a81c 100644
--- a/i18n/hu/file-sharing.md
+++ b/i18n/hu/file-sharing.md
@@ -5,6 +5,10 @@ description: Fedezd fel, hogyan oszthatod meg fájljaid privát módon készül
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Fedezd fel, hogyan oszthatod meg fájljaid privát módon készülékek között, barátaiddal és családtagjaiddal vagy névtelenül online.
## Fájlmegosztás
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FÁJL
{ align=right }
-Az **OnionShare** egy nyílt forráskódú eszköz, amellyel biztonságosan és névtelenül oszthatsz meg bármilyen méretű fájlt. Úgy működik, hogy egy Tor onion szolgáltatásként elérhető webszervert indít el, egy kitalálhatatlan URL-címmel együtt, amit megoszthatsz a címzettekkel fájlok letöltéséhez vagy küldéséhez.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Úgy működik, hogy egy Tor onion szolgáltatásként elérhető webszervert indít el, egy kitalálhatatlan URL-címmel együtt, amit megoszthatsz a címzettekkel fájlok letöltéséhez vagy küldéséhez.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ Az **OnionShare** egy nyílt forráskódú eszköz, amellyel biztonságosan és
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Követelmények
**Tartsd figyelemben, hogy nem állunk kapcsolatban az általunk ajánlott projektek egyikével sem.** Az [alap kritériumaink mellett](about/criteria.md), egyértelmű követelményrendszert dolgoztunk ki, hogy objektív ajánlásokat tudjunk tenni. Javasoljuk, hogy ismerkedj meg ezzel a listával, mielőtt kiválasztanál egy projektet, és végezz saját kutatásokat, hogy megbizonyosodj arról, hogy ez a megfelelő választás számodra.
diff --git a/i18n/hu/language-tools.md b/i18n/hu/language-tools.md
index cc92f28d..8553df4a 100644
--- a/i18n/hu/language-tools.md
+++ b/i18n/hu/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/hu/mobile-browsers.md b/i18n/hu/mobile-browsers.md
index 062dc586..85bc6f16 100644
--- a/i18n/hu/mobile-browsers.md
+++ b/i18n/hu/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead.
## Android
diff --git a/i18n/hu/mobile-phones.md b/i18n/hu/mobile-phones.md
index cfd46b26..df158551 100644
--- a/i18n/hu/mobile-phones.md
+++ b/i18n/hu/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/hu/multi-factor-authentication.md b/i18n/hu/multi-factor-authentication.md
index f77adc3c..7f850422 100644
--- a/i18n/hu/multi-factor-authentication.md
+++ b/i18n/hu/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/hu/notebooks.md b/i18n/hu/notebooks.md
index 85144621..8e64326f 100644
--- a/i18n/hu/notebooks.md
+++ b/i18n/hu/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Kövesd nyomon jegyzeteid és naplóid anélkül, hogy harmadik félnek adnád át azokat.
Ha jelenleg olyan alkalmazást használsz, mint az Evernote, a Google Keep vagy a Microsoft OneNote, javasoljuk, hogy válassz egy olyan alternatívát, amely támogatja az End-to-End titksoítást.
diff --git a/i18n/hu/os/ios-overview.md b/i18n/hu/os/ios-overview.md
index 668186b7..1dd65551 100644
--- a/i18n/hu/os/ios-overview.md
+++ b/i18n/hu/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/hu/passwords.md b/i18n/hu/passwords.md
index 7b33b7fb..ebcaba88 100644
--- a/i18n/hu/passwords.md
+++ b/i18n/hu/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/hu/photo-management.md b/i18n/hu/photo-management.md
index 64b143ee..f2ca837f 100644
--- a/i18n/hu/photo-management.md
+++ b/i18n/hu/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/hu/real-time-communication.md b/i18n/hu/real-time-communication.md
index 28f7dfa8..a0cb3f75 100644
--- a/i18n/hu/real-time-communication.md
+++ b/i18n/hu/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/hu/security-keys.md b/i18n/hu/security-keys.md
index f0b7ee46..f226f82d 100644
--- a/i18n/hu/security-keys.md
+++ b/i18n/hu/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/hu/tools.md b/i18n/hu/tools.md
index 2be0cf45..e6c6df2e 100644
--- a/i18n/hu/tools.md
+++ b/i18n/hu/tools.md
@@ -31,6 +31,15 @@ Ha további információt szeretnél megtudni az egyes projektekről, hogy miér
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/hu/tor.md b/i18n/hu/tor.md
index 823fe0df..e2eace4e 100644
--- a/i18n/hu/tor.md
+++ b/i18n/hu/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. A magánszemélyek és szervezetek a Tor-hálózaton keresztül a ".onion rejtett szolgáltatásokkal" is megoszthatnak információkat anélkül, hogy veszélyeztetnék a magánéletüket. Mivel a Tor forgalmat nehéz blokkolni és nyomon követni, a Tor hatékony eszköz a cenzúra megkerülésére.
[Részletes Tor áttekintés :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Mielőtt csatlakoznál a Torhoz, kérjük, olvasd el az [áttekintést](advanced
-A Tor-hálózathoz többféleképpen is csatlakozhatsz az eszközödről, a leggyakrabban használt a **Tor Böngésző**, a Firefox egy elágazása, amelyet anonim böngészésre terveztek asztali számítógépekre és Androidra.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Néhány ilyen alkalmazás jobb, mint mások, a választás a fenyegetettségi szintedtől függ. Ha alkalmi Tor-felhasználó vagy, és nem aggódsz amiatt, hogy az internetszolgáltatód bizonyítékokat gyűjt rólad, akkor az olyan alkalmazások, mint az [Orbot](#orbot) vagy a mobil böngésző alkalmazások használata a Tor-hálózat eléréséhez valószínűleg rendben van. Az emberek számának növelése, akik mindennaposan használják a Tor-t, segít csökkenteni a Tor rossz hírnevét, és csökkenti az ISP-k (internetszolgáltatók) és kormányok által összeállított "Tor felhasználók listáinak" minőségét.
-Ha a teljes anonimitás a legfontosabb számodra, akkor **csak** az asztali Tor Browser klienst használd, ideális esetben egy [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) konfigurációban. A mobil böngészők kevésbé elterjedtek a Toron (emiatt könnyebben lehet ujjlenyomatolni azokat), és más konfigurációkat nem tesztelnek olyan szigorúan a deanonimizálás ellen.
+Ha a teljes anonimitás a legfontosabb számodra, akkor **csak** az asztali Tor Browser klienst használd, ideális esetben egy [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) konfigurációban. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Böngésző
diff --git a/i18n/hu/vpn.md b/i18n/hu/vpn.md
index 5a72abf6..50478f73 100644
--- a/i18n/hu/vpn.md
+++ b/i18n/hu/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/id/alternative-networks.md b/i18n/id/alternative-networks.md
index 7cb3470e..a3ebda7c 100644
--- a/i18n/id/alternative-networks.md
+++ b/i18n/id/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individu dan organisasi juga dapat berbagi informasi melalui jaringan Tor dengan "layanan tersembunyi .onion" tanpa mengorbankan privasi mereka. Karena lalu lintas Tor sulit diblokir dan dilacak, Tor merupakan alat pengelabuan sensor yang efektif.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individu dan organisasi juga dapat berbagi informasi melalui jaringan Tor dengan "layanan tersembunyi .onion" tanpa mengorbankan privasi mereka. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/id/android/distributions.md b/i18n/id/android/distributions.md
index 292d2a8d..2997d65f 100644
--- a/i18n/id/android/distributions.md
+++ b/i18n/id/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/id/android/general-apps.md b/i18n/id/android/general-apps.md
index e119f124..70f29724 100644
--- a/i18n/id/android/general-apps.md
+++ b/i18n/id/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/id/browser-extensions.md b/i18n/id/browser-extensions.md
index f42588a8..ca4f1c6e 100644
--- a/i18n/id/browser-extensions.md
+++ b/i18n/id/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/id/calendar.md b/i18n/id/calendar.md
index d5d18ecc..7a01dc06 100644
--- a/i18n/id/calendar.md
+++ b/i18n/id/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Serangan Pasif](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Penyedia Layanan](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/id/cloud.md b/i18n/id/cloud.md
index 4835d48a..2421006c 100644
--- a/i18n/id/cloud.md
+++ b/i18n/id/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Serangan Pasif](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Penyedia Layanan](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/id/cryptocurrency.md b/i18n/id/cryptocurrency.md
index 66fef2b0..f520cf6a 100644
--- a/i18n/id/cryptocurrency.md
+++ b/i18n/id/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Pengawasan Massal](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Penyensoran](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Melakukan pembayaran secara daring adalah salah satu tantangan terbesar bagi privasi. Mata uang kripto di bawah ini menyediakan privasi transaksi secara bawaan (sesuatu yang **tidak** dijamin oleh sebagian besar mata uang kripto), asalkan Anda memiliki pemahaman yang kuat tentang cara melakukan pembayaran pribadi secara efektif. Kami sangat menyarankan Anda untuk membaca artikel ikhtisar pembayaran kami terlebih dahulu sebelum melakukan pembelian:
[Melakukan Pembayaran Pribadi :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -20,9 +25,9 @@ Banyak atau bahkan sebagian besar proyek mata uang kripto adalah penipuan. Lakuk
-{ align=right }
+{ align=right }
-**Monero** menggunakan blockchain dengan teknologi yang meningkatkan privasi yang mengaburkan transaksi untuk mencapai anonimitas. Setiap transaksi Monero menyembunyikan jumlah transaksi, alamat pengirim dan penerima, dan sumber dana tanpa ada rintangan yang harus dilewati, menjadikannya pilihan ideal untuk pemula mata uang kripto.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Setiap transaksi Monero menyembunyikan jumlah transaksi, alamat pengirim dan penerima, dan sumber dana tanpa ada rintangan yang harus dilewati, menjadikannya pilihan ideal untuk pemula mata uang kripto.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/id/desktop-browsers.md b/i18n/id/desktop-browsers.md
index 25e44eb4..9b6d30d0 100644
--- a/i18n/id/desktop-browsers.md
+++ b/i18n/id/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Kapitalisme Pengawasan](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. Kami merekomendasikan [Mullvad Browser](#mullvad-browser) jika Anda berfokus pada perlindungan privasi yang kuat dan anti-fingerprinting otomatis, [Firefox](#firefox) bagi para penjelajah internet biasa yang mencari alternatif baik untuk Google Chrome, dan [Brave](#brave) jika Anda membutuhkan kompabilitas browser Chromium.
Jika Anda perlu menjelajah internet secara anonim, Anda sebaiknya menggunakan [Tor](tor.md) saja. Kami memberikan beberapa rekomendasi konfigurasi di halaman ini, tetapi semua browser selain Tor Browser akan dapat dilacak oleh * seseorang* dengan suatu cara.
@@ -67,7 +71,7 @@ Jika Anda perlu menjelajah internet secara anonim, Anda sebaiknya menggunakan [T
{ align=right }
-**Mullvad Browser** adalah versi dari [Tor Browser](tor.md#tor-browser) dengan integrasi jaringan Tor yang telah dihilangkan. Mullvad Browser bertujuan untuk menyediakan teknologi peramban anti-fingerprinting yang ada di Peramban Tor kepada pengguna VPN. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/id/device-integrity.md b/i18n/id/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/id/device-integrity.md
+++ b/i18n/id/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/id/dns.md b/i18n/id/dns.md
index 1b01e386..8ea5aa71 100644
--- a/i18n/id/dns.md
+++ b/i18n/id/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Kapitalisme Pengawasan](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
DNS terenkripsi dengan server pihak ketiga sebaiknya hanya digunakan untuk mengatasi pemblokiran [DNS dasar](https://en.wikipedia.org/wiki/DNS_blocking) ketika Anda yakin tidak akan ada konsekuensi apa pun. DNS yang terenkripsi tidak akan membantu menyembunyikan aktivitas penjelajahan Anda.
[Pelajari lebih lanjut tentang DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/id/document-collaboration.md b/i18n/id/document-collaboration.md
index ab75dab3..b4950e5a 100644
--- a/i18n/id/document-collaboration.md
+++ b/i18n/id/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/id/email-aliasing.md b/i18n/id/email-aliasing.md
index 27326a67..b7a4c534 100644
--- a/i18n/id/email-aliasing.md
+++ b/i18n/id/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/id/encryption.md b/i18n/id/encryption.md
index f3bca014..995bc82f 100644
--- a/i18n/id/encryption.md
+++ b/i18n/id/encryption.md
@@ -14,11 +14,15 @@ Opsi yang tercantum di sini adalah multi-platform dan sangat bagus untuk membuat
### Cryptomator (Awan)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Serangan Pasif](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
-{ align=right }
+{ align=right }
-**Cryptomator** adalah solusi enkripsi yang dirancang untuk menyimpan berkas secara pribadi ke penyedia layanan awan mana pun. Ini memungkinkan Anda untuk membuat brankas yang disimpan di penyimpanan virtual, yang isinya dienkripsi dan disinkronkan dengan penyedia penyimpanan awan Anda.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. Ini memungkinkan Anda untuk membuat brankas yang disimpan di penyimpanan virtual, yang isinya dienkripsi dan disinkronkan dengan penyedia penyimpanan awan Anda.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Serangan Bertarget](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Serangan Bertarget](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+
Protects against the following threat(s):
+
+- [:material-target-account: Serangan Bertarget](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Untuk mengenkripsi kandar tempat sistem operasi Anda melakukan but, kami umumnya menyarankan untuk mengaktifkan perangkat lunak enkripsi yang disertakan dengan sistem operasi, alih-alih menggunakan alat pihak ketiga. Hal ini karena alat enkripsi asli sistem operasi Anda sering kali menggunakan OS dan fitur khusus perangkat keras seperti [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) di perangkat Anda untuk melindungi komputer Anda dari serangan fisik yang lebih canggih. Untuk kandar sekunder dan kandar eksternal yang *tidak* Anda gunakan untuk melakukan but, kami tetap menyarankan untuk menggunakan alat bantu sumber terbuka seperti [VeraCrypt](#veracrypt-disk) alih-alih alat bantu di bawah ini, karena alat bantu ini menawarkan fleksibilitas tambahan dan memungkinkan Anda menghindari penguncian dari vendor.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Baris perintah
+
Protects against the following threat(s):
+
+- [:material-target-account: Serangan Bertarget](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+
Protects against the following threat(s):
+
+- [:material-target-account: Serangan Bertarget](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Serangan Pasif](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Penyedia Layanan](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/id/file-sharing.md b/i18n/id/file-sharing.md
index bfc8ecea..bc1cb044 100644
--- a/i18n/id/file-sharing.md
+++ b/i18n/id/file-sharing.md
@@ -5,6 +5,10 @@ description: Temukan cara berbagi file secara pribadi di antara perangkat Anda,
cover: file-sharing.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Penyedia Layanan](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Temukan cara berbagi file secara pribadi di antara perangkat Anda, dengan teman dan keluarga, atau secara anonim secara online.
## Berbagi File
@@ -37,9 +41,9 @@ ffsend upload --host https://send.vis.ee/ FILE
-{ align=right }
+{ align=right }
-**OnionShare** adalah alat sumber terbuka yang memungkinkan Anda berbagi file dengan aman dan anonim dalam berbagai ukuran. Ia bekerja dengan memulai server web yang dapat diakses sebagai layanan Tor onion, dengan URL yang tidak dapat dibaca yang dapat Anda bagikan dengan penerima untuk mengunduh atau mengirim berkas.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Ia bekerja dengan memulai server web yang dapat diakses sebagai layanan Tor onion, dengan URL yang tidak dapat dibaca yang dapat Anda bagikan dengan penerima untuk mengunduh atau mengirim berkas.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Kriteria
**Harap diperhatikan bahwa kami tidak berafiliasi dengan proyek-proyek yang kami rekomendasikan.** Selain [kriteria standar kami](about/criteria.md), kami telah mengembangkan serangkaian persyaratan yang jelas untuk memungkinkan kami memberikan rekomendasi yang objektif. Kami sarankan Anda membiasakan diri dengan daftar ini sebelum memilih untuk menggunakan sebuah proyek, dan melakukan penelitian sendiri untuk memastikan bahwa itu adalah pilihan yang tepat untuk Anda.
diff --git a/i18n/id/language-tools.md b/i18n/id/language-tools.md
index d7cff7c8..17f740f7 100644
--- a/i18n/id/language-tools.md
+++ b/i18n/id/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/id/mobile-browsers.md b/i18n/id/mobile-browsers.md
index 9a0641e3..3a99de45 100644
--- a/i18n/id/mobile-browsers.md
+++ b/i18n/id/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Kapitalisme Pengawasan](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. Jika Anda perlu menjelajah internet secara anonim, Anda sebaiknya menggunakan [Tor](tor.md) saja.
## Android
diff --git a/i18n/id/mobile-phones.md b/i18n/id/mobile-phones.md
index f8ef1fd2..2dca9d00 100644
--- a/i18n/id/mobile-phones.md
+++ b/i18n/id/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/id/multi-factor-authentication.md b/i18n/id/multi-factor-authentication.md
index f724922f..ed49b33a 100644
--- a/i18n/id/multi-factor-authentication.md
+++ b/i18n/id/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Serangan Bertarget](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/id/notebooks.md b/i18n/id/notebooks.md
index e546e9c5..eb3e8aa8 100644
--- a/i18n/id/notebooks.md
+++ b/i18n/id/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Penyedia Layanan](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Keep track of your notes and journalings without giving them to a third-party.
If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports E2EE.
diff --git a/i18n/id/os/ios-overview.md b/i18n/id/os/ios-overview.md
index 4962fa0b..15d18b76 100644
--- a/i18n/id/os/ios-overview.md
+++ b/i18n/id/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/id/passwords.md b/i18n/id/passwords.md
index 2cd32dfc..b2bf42cd 100644
--- a/i18n/id/passwords.md
+++ b/i18n/id/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Serangan Bertarget](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Serangan Pasif](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Penyedia Layanan](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Pengantar Kata Sandi :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/id/photo-management.md b/i18n/id/photo-management.md
index d0b89147..dbd73e7c 100644
--- a/i18n/id/photo-management.md
+++ b/i18n/id/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/id/real-time-communication.md b/i18n/id/real-time-communication.md
index da509ee4..069c7b35 100644
--- a/i18n/id/real-time-communication.md
+++ b/i18n/id/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Serangan Pasif](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Penyedia Layanan](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Pengawasan Massal](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Kapitalisme Pengawasan](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/id/security-keys.md b/i18n/id/security-keys.md
index 58290f87..ddd2ec43 100644
--- a/i18n/id/security-keys.md
+++ b/i18n/id/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/id/tools.md b/i18n/id/tools.md
index 6aabf8f9..ce255617 100644
--- a/i18n/id/tools.md
+++ b/i18n/id/tools.md
@@ -31,6 +31,15 @@ Untuk detail lebih lanjut tentang setiap proyek, mengapa proyek tersebut dipilih
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/id/tor.md b/i18n/id/tor.md
index 76161f77..338fcf46 100644
--- a/i18n/id/tor.md
+++ b/i18n/id/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Kapitalisme Pengawasan](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Pengawasan Massal](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Penyensoran](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individu dan organisasi juga dapat berbagi informasi melalui jaringan Tor dengan "layanan tersembunyi .onion" tanpa mengorbankan privasi mereka. Karena lalu lintas Tor sulit diblokir dan dilacak, Tor merupakan alat pengelabuan sensor yang efektif.
[Ikhtisar Tor Terperinci :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-Ada berbagai cara untuk terhubung ke jaringan Tor dari perangkat Anda, yang paling umum digunakan adalah **Tor Browser**, sebuah fork dari Firefox yang dirancang untuk penjelajahan anonim untuk komputer desktop dan Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/id/vpn.md b/i18n/id/vpn.md
index 3284d1d1..e21eb7db 100644
--- a/i18n/id/vpn.md
+++ b/i18n/id/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Kapitalisme Pengawasan](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/it/alternative-networks.md b/i18n/it/alternative-networks.md
index 0834ec36..22bdc6ac 100644
--- a/i18n/it/alternative-networks.md
+++ b/i18n/it/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individui e organizzazioni possono inoltre condividere le informazioni tramite la rete Tor con i "servizi nascosti .onion", senza comprometterne la privacy. Poiché il traffico di Tor è difficile da bloccare e tracciare, è un efficace strumento di elusione della censura.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individui e organizzazioni possono inoltre condividere le informazioni tramite la rete Tor con i "servizi nascosti .onion", senza comprometterne la privacy. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/it/android/distributions.md b/i18n/it/android/distributions.md
index f544191b..7ebbd348 100644
--- a/i18n/it/android/distributions.md
+++ b/i18n/it/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/it/android/general-apps.md b/i18n/it/android/general-apps.md
index 299d3a45..9f38cea0 100644
--- a/i18n/it/android/general-apps.md
+++ b/i18n/it/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/it/browser-extensions.md b/i18n/it/browser-extensions.md
index 99ef273b..a3489d7a 100644
--- a/i18n/it/browser-extensions.md
+++ b/i18n/it/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/it/calendar.md b/i18n/it/calendar.md
index 440ea23e..1b12404f 100644
--- a/i18n/it/calendar.md
+++ b/i18n/it/calendar.md
@@ -5,6 +5,11 @@ description: I calendari contengono alcuni dei tuoi dati più sensibili; utilizz
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Attacchi Passivi](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fornitori di Servizi](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/it/cloud.md b/i18n/it/cloud.md
index 316db682..2419048a 100644
--- a/i18n/it/cloud.md
+++ b/i18n/it/cloud.md
@@ -6,6 +6,11 @@ description: Molti fornitori di spazio d'archiviazione su cloud richiedono ti ri
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Attacchi Passivi](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fornitori di Servizi](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. Le alternative elencate di seguito eliminano la necessità di fiducia implementando l'E2EE.
Se queste alternative non soddisfano le tue esigenze, ti suggeriamo di utilizzare un software di crittografia come [Cryptomator](encryption.md#cryptomator-cloud), con un altro fornitore su cloud. L'utilizzo di Cryptomator insieme a **qualsiasi** fornitore su cloud (compresi questi), può essere una buona idea per ridurre il rischio di vulnerabilità di crittografia nei client nativi di un fornitore.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/it/cryptocurrency.md b/i18n/it/cryptocurrency.md
index dcd857b0..ba14a05b 100644
--- a/i18n/it/cryptocurrency.md
+++ b/i18n/it/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Sorveglianza di massa](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censura](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Effettuare pagamenti online è una delle maggiori sfide per la privacy. Queste criptovalute offrono la privacy delle transazioni di default (cosa che **non** è garantita dalla maggior parte delle criptovalute), a condizione che si abbia una buona conoscenza di come effettuare pagamenti privati in modo efficace. Ti consigliamo vivamente di leggere prima il nostro articolo panoramico sui pagamenti prima di effettuare qualsiasi acquisto:
[Effettuare pagamenti privati :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -20,9 +25,9 @@ Molte, se non la gran parte delle criptovalute sono delle truffe. Effettua atten
-{ align=right }
+{ align=right }
-**Monero** utilizza una blockchain con tecnologie che migliorano la privacy e offuscano le transazioni per ottenere l'anonimato. Ogni transazione di Monero nasconde l'importo della transazione, gli indirizzi di invio e ricezione e la fonte dei fondi senza dover fare i salti mortali, il che la rende una scelta ideale per i neofiti delle criptovalute.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Ogni transazione di Monero nasconde l'importo della transazione, gli indirizzi di invio e ricezione e la fonte dei fondi senza dover fare i salti mortali, il che la rende una scelta ideale per i neofiti delle criptovalute.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/it/desktop-browsers.md b/i18n/it/desktop-browsers.md
index 4c2ea276..0dc4b624 100644
--- a/i18n/it/desktop-browsers.md
+++ b/i18n/it/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo di sorveglianza](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. Consigliamo [Mullvad Browser](#mullvad-browser) se sei interessato a una forte protezione della privacy e all'anti-fingerprinting pronti all'uso, [Firefox](#firefox) per i navigatori occasionali di Internet alla ricerca di una buona alternativa a Google Chrome e [Brave](#brave), se necessiti della compatibilità del browser con Chromium.
Invece, se necessiti di navigare anonimamente su Internet, dovresti utilizzare [Tor](tor.md). In questa pagina forniamo alcune raccomandazioni sulla configurazione, ma tutti i browser diversi da Tor Browser saranno rintracciabili da *qualcuno* in un modo o nell'altro.
@@ -67,7 +71,7 @@ Invece, se necessiti di navigare anonimamente su Internet, dovresti utilizzare [
{ align=right }
-**Mullvad Browser** è una versione di [Tor Browser](tor.md#tor-browser) con le integrazioni della rete Tor rimosse, con l'obiettivo di fornire le tecnologie anti-fingerprinting di Tor Browser agli utenti che usano una VPN. Sviluppato dal Tor Project e distribuito da [Mullvad](vpn.md#mullvad), **non** richiede l'utilizzo della VPN di Mullvad.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. Sviluppato dal Tor Project e distribuito da [Mullvad](vpn.md#mullvad), **non** richiede l'utilizzo della VPN di Mullvad.
[:octicons-home-16: Pagina Iniziale](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Politica sulla privacy" }
diff --git a/i18n/it/device-integrity.md b/i18n/it/device-integrity.md
index 41ca0fba..3f13bd44 100644
--- a/i18n/it/device-integrity.md
+++ b/i18n/it/device-integrity.md
@@ -45,6 +45,10 @@ Questi strumenti forniscono analisi basate sulle informazioni a cui possono acce
## Strumenti di verifica esterni
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automatizza e ti guida interattivamente al procedimento di utilizzo di [
## Verifica su dispositivo
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Si tratta di app installabili che controllano il tuo dispositivo e il sistema operativo, in cerca di segni di manomissione, convalidandone l'identità.
@@ -181,6 +190,10 @@ Se il tuo [modello di minaccia](basics/threat-modeling.md) richiede la privacy,
## Scanner su dispositivo
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Si tratta di app che puoi installare sul tuo dispositivo, che lo scansionano in cerca di segni di compromissione.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** è un'applicazione per iOS in grado di scansionare il tuo dispositivo per verificare le impostazioni di configurazione, il livello di patch e altre aree di sicurezza. Inoltre, controlla il dispositivo alla ricerca di indicatori di compromissione da parte di strumenti di jailbreak o spyware come Pegasus.
+**iVerify Basic** è un'applicazione per iOS in grado di scansionare il tuo dispositivo per verificare le impostazioni di configurazione, il livello di patch e altre aree di sicurezza. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/it/dns.md b/i18n/it/dns.md
index 32c616ab..ce2ce1f4 100644
--- a/i18n/it/dns.md
+++ b/i18n/it/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo di sorveglianza](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
I DNS crittografati con server di terze parti dovrebbero essere utilizzati soltanto per aggirare il [blocco DNS](https://en.wikipedia.org/wiki/DNS_blocking) di base, quando si può esser certi che non vi sarà alcuna conseguenza. Il DNS crittografato non ti aiuterà a nascondere alcuna tua attività di navigazione.
[Scopri di più sul DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/it/document-collaboration.md b/i18n/it/document-collaboration.md
index 629eeafb..6fa57d5c 100644
--- a/i18n/it/document-collaboration.md
+++ b/i18n/it/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/it/email-aliasing.md b/i18n/it/email-aliasing.md
index 69374ff1..1d2eb0d8 100644
--- a/i18n/it/email-aliasing.md
+++ b/i18n/it/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/it/encryption.md b/i18n/it/encryption.md
index 3c7e01d4..5f57ecd0 100644
--- a/i18n/it/encryption.md
+++ b/i18n/it/encryption.md
@@ -14,11 +14,15 @@ Le opzioni qui elencate sono multipiattaforma e ottime per creare backup crittog
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Attacchi Passivi](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** è una soluzione per la crittografia progettata per salvare privatamente i file di qualsiasi provider cloud. Ti consente di creare cassaforti memorizzate su un'unità virtuale, i cui contenuti sono crittografati e sincronizzati con il tuo fornitore d'archiviazione su cloud.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. Ti consente di creare cassaforti memorizzate su un'unità virtuale, i cui contenuti sono crittografati e sincronizzati con il tuo fornitore d'archiviazione su cloud.
[:octicons-home-16: Pagina Principale](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Politica sulla Privacy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Attacchi Mirati](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disco)
+
Protects against the following threat(s):
+
+- [:material-target-account: Attacchi Mirati](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt è stato [controllato numerose volte](https://en.wikipedia.org/wiki/Tr
## Crittografia dell'intero disco del sistema operativo
+
Protects against the following threat(s):
+
+- [:material-target-account: Attacchi Mirati](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Per crittografare l'unità da cui si avvia il sistema operativo, in genere si consiglia di attivare il software di crittografia fornito con il sistema operativo piuttosto che utilizzare uno strumento di terze parti. Questo perché gli strumenti di crittografia nativi del sistema operativo spesso utilizzano caratteristiche specifiche del sistema operativo e dell'hardware, come il [cryptoprocessor](https://it.wikipedia.org/wiki/Cryptoprocessor) nel dispositivo, per proteggere il computer da attacchi fisici più avanzati. Per le unità secondarie e le unità esterne da cui *non* si effettua l'avvio, si consiglia comunque di utilizzare strumenti open-source come [VeraCrypt](#veracrypt-disk) rispetto a quelli indicati di seguito, perché offrono una maggiore flessibilità e consentono di evitare il vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Riga di comando
+
Protects against the following threat(s):
+
+- [:material-target-account: Attacchi Mirati](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Gli strumenti con interfacce di riga di comando sono utili per integrare gli [script della shell](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Gli strumenti con interfacce di riga di comando sono utili per integrare gli [sc
## OpenPGP
+
Protects against the following threat(s):
+
+- [:material-target-account: Attacchi Mirati](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Attacchi Passivi](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fornitori di Servizi](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP è talvolta necessario per incarichi specifici, come firmare digitalmente e crittografare un'email. PGP include molte funzionalità ed è [complesso](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html), dato che è in circolazione da molto tempo. Per gli incarichi come firmare o crittografare i file, suggeriamo le opzioni precedenti.
Crittografando con PGP, puoi configurare diverse opzioni nel tuo file `gpg.config`. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/it/file-sharing.md b/i18n/it/file-sharing.md
index 482f1958..07d73108 100644
--- a/i18n/it/file-sharing.md
+++ b/i18n/it/file-sharing.md
@@ -5,6 +5,10 @@ description: Scopri come condividere privatamente i tuoi file tra i tuoi disposi
cover: file-sharing.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Fornitori di Servizi](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Scopri come condividere privatamente i tuoi file tra i tuoi dispositivi, con i tuoi amici e familiari, o anonimamente online.
## Condivisione di file
@@ -37,9 +41,9 @@ ffsend upload --host https://send.vis.ee/ FILE
-{ align=right }
+{ align=right }
-**OnionShare** è uno strumento open source che consente di condividere in modo sicuro e anonimo file di qualsiasi dimensione. Funziona avviando un server web accessibile come servizio Tor onion, con un URL inesplicabile che si può condividere con i destinatari per scaricare o inviare file.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Funziona avviando un server web accessibile come servizio Tor onion, con un URL inesplicabile che si può condividere con i destinatari per scaricare o inviare file.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Servizio Onion" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteri
**Ti preghiamo di notare che non siamo affiliati con alcun progetto consigliato.** Oltre ai [nostri criteri standard](about/criteria.md), abbiamo sviluppato una serie chiara di requisiti per consentirci di fornire consigli oggettivi. Ti suggeriamo di familiarizzare con questo elenco prima di scegliere di utilizzare un progetto e di condurre le tue ricerche per assicurarti che si tratti della scelta adatta a te.
diff --git a/i18n/it/language-tools.md b/i18n/it/language-tools.md
index 78f1b4e6..935e1135 100644
--- a/i18n/it/language-tools.md
+++ b/i18n/it/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/it/mobile-browsers.md b/i18n/it/mobile-browsers.md
index ec9fd618..bfc59cd5 100644
--- a/i18n/it/mobile-browsers.md
+++ b/i18n/it/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo di sorveglianza](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. Se hai bisogno di navigare in Internet in modo anonimo, dovresti invece usare [Tor](tor.md).
## Android
diff --git a/i18n/it/mobile-phones.md b/i18n/it/mobile-phones.md
index 722a03ce..d6729d77 100644
--- a/i18n/it/mobile-phones.md
+++ b/i18n/it/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/it/multi-factor-authentication.md b/i18n/it/multi-factor-authentication.md
index 6ab1fe53..82186703 100644
--- a/i18n/it/multi-factor-authentication.md
+++ b/i18n/it/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: Questi strumenti ti assistono nella protezione dei tuoi account Int
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Attacchi Mirati](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Chiavi Hardware
diff --git a/i18n/it/notebooks.md b/i18n/it/notebooks.md
index 1ec62219..5d0a4a23 100644
--- a/i18n/it/notebooks.md
+++ b/i18n/it/notebooks.md
@@ -5,6 +5,10 @@ description: Queste app di appunti crittografate ti consentono di tenere traccia
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Fornitori di Servizi](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Monitora le tue note e i tuoi diari senza doverli dare a una terza parte.
Se stai utilizzando un'applicazione come Evernote, Google Keep o Microsoft OneNote, suggeriamo di selezionare qui un'alternativa, che supporti l'E2EE.
diff --git a/i18n/it/os/ios-overview.md b/i18n/it/os/ios-overview.md
index 03328d0b..bdee1db9 100644
--- a/i18n/it/os/ios-overview.md
+++ b/i18n/it/os/ios-overview.md
@@ -42,7 +42,7 @@ Inoltre, in primo luogo, puoi proteggere i tuoi dati limitando ciò che sincroni
Un abbonamento a pagamento a **iCloud+** (con qualsiasi piano di archiviazione su iCloud), fornisce alcune funzionalità di protezione della privacy. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** è un servizio di proxy che inoltra il tuo traffico di Safari attraverso due server: uno posseduto da Apple e uno da un fornitore di terze parti (tra cui Akamai, Cloudflare e Fastly). In teoria, ciò dovrebbe impedire a qualsiasi singolo fornitore nella catena, Apple inclusa, dall'avere una piena visibilità di quali siti web visiti mentre sei connesso. A differenza di una VPN completa, Private Relay non protegge il traffico dalle tue app, all'esterno di Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In teoria, ciò dovrebbe impedire a qualsiasi singolo fornitore nella catena, Apple inclusa, dall'avere una piena visibilità di quali siti web visiti mentre sei connesso. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** è il servizio di alias email di Apple. Puoi creare un alias email gratuitamente quando *Accedi Con Apple* su un sito web o un'app, o generarne di illimitati su richiesta, con un piano iCloud+ a pagamento. Hide My Email ha il vantaggio di utilizzare il dominio `@icloud.com` per i propri alias, riducendo la probabilità di essere bloccato rispetto ad altri servizi di alias email, ma non offrendo le funzionalità offerte dai servizi indipendenti, come la crittografia PGP automatica o il supporto a più caselle.
diff --git a/i18n/it/passwords.md b/i18n/it/passwords.md
index 9a6ce53c..fd249ec6 100644
--- a/i18n/it/passwords.md
+++ b/i18n/it/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Attacchi Mirati](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Attacchi Passivi](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fornitori di Servizi](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduzione alle password :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/it/photo-management.md b/i18n/it/photo-management.md
index 878eb8d5..ec868bf2 100644
--- a/i18n/it/photo-management.md
+++ b/i18n/it/photo-management.md
@@ -5,6 +5,11 @@ description: Strumenti di gestione delle foto per tenere le foto personali al si
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. Queste opzioni mantengono le foto personali private, consentendo di condividerle solo con i familiari e le persone fidate.
## Ente Photos
diff --git a/i18n/it/real-time-communication.md b/i18n/it/real-time-communication.md
index eee052b7..6407a2d2 100644
--- a/i18n/it/real-time-communication.md
+++ b/i18n/it/real-time-communication.md
@@ -6,6 +6,13 @@ description: Le altre app di messaggistica istantanea rendono disponibili tutte
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Attacchi Passivi](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fornitori di Servizi](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Sorveglianza di massa](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Capitalismo di sorveglianza](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Tipi di reti di comunicazione :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -65,9 +72,9 @@ Abbiamo alcuni consigli aggiuntivi sulla configurazione e rafforzamento della tu
-{ align=right }
+{ align=right }
-**SimpleX** Chat è un'app di messaggistica istantanea decentralizzata che non dipende da alcun identificatore univoco, come numeri telefonici o nomi utente. Gli utenti di SimpleX Chat possono scansionare un codice QR o cliccare su un link di invito per partecipare alle conversazioni di gruppo.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Gli utenti di SimpleX Chat possono scansionare un codice QR o cliccare su un link di invito per partecipare alle conversazioni di gruppo.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Informativa sulla Privacy" }
@@ -98,7 +105,7 @@ SimpleX Chat supporta le funzionalità di base per le chat di gruppo, messaggi d
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar può anche connettersi via Wi-Fi o Bluetooth quando si trova nelle vicinanze. La modalità mesh locale di Briar può essere utile quando la connessione a Internet è problematica.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar può anche connettersi via Wi-Fi o Bluetooth quando si trova nelle vicinanze. La modalità mesh locale di Briar può essere utile quando la connessione a Internet è problematica.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/it/security-keys.md b/i18n/it/security-keys.md
index b24b107b..35d663ca 100644
--- a/i18n/it/security-keys.md
+++ b/i18n/it/security-keys.md
@@ -5,6 +5,11 @@ description: Questi strumenti ti assistono nella protezione dei tuoi account Int
cover: multi-factor-authentication.webp
---
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Una **chiave di sicurezza** fisica aggiunge un livello di protezione molto forte ai tuoi account online. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/it/tools.md b/i18n/it/tools.md
index 106d2d77..7e6ddc4e 100644
--- a/i18n/it/tools.md
+++ b/i18n/it/tools.md
@@ -31,6 +31,15 @@ Per ulteriori dettagli su ogni progetto, perché è stato scelto e ulteriori con
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/it/tor.md b/i18n/it/tor.md
index 6c4aa98b..6eed38ca 100644
--- a/i18n/it/tor.md
+++ b/i18n/it/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo di sorveglianza](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Sorveglianza di massa](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censura](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** è un gruppo di server gestiti da volontari che consente di connettersi gratuitamente e di migliorare la propria privacy e sicurezza su Internet. Individui e organizzazioni possono inoltre condividere le informazioni tramite la rete Tor con i "servizi nascosti .onion", senza comprometterne la privacy. Poiché il traffico di Tor è difficile da bloccare e tracciare, è un efficace strumento di elusione della censura.
[Panoramica dettagliata di Tor :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Prima di connetterti a Tor, ti preghiamo di assicurarti di aver letto la nostra
-Esistono svariati modi per connettersi alla rete di Tor dal tuo dispositivo, il più comunemente utilizzato dei quali è **Tor Browser**, una biforcazione di Firefox progettata per la navigazione anonima per i computer desktop e per Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Alcune di queste app sono migliori di altre e, anche in questo caso, la scelta dipende dal proprio modello di minaccia. Se sei un utente casuale di Tor e non sei preoccupato dal fatto che il tuo ISP raccolga prove contro di te, utilizzare app come [Orbot](#orbot) o le app browser per mobile per accedere alla rete di Tor va probabilmente bene. Incrementare il numero di persone che utilizzano Tor su una base giornaliera, aiuta a ridurre il cattivo stigma nei confronti di Tor, e riduce la qualità degli "elenchi di utenti di Tor", che gli ISP e i governi potrebbero compilare.
-Se l'anonimato più completo è fondamentale per la tua situazione, dovresti utilizzare **soltanto** il client del Browser Tor per desktop, idealmente in una configurazione [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os). I browser per mobile sono meno comuni su Tor (e, di conseguenza, più rilevabili), e altre configurazioni non sono altrrettanto testate contro la deanonimizzazione.
+Se l'anonimato più completo è fondamentale per la tua situazione, dovresti utilizzare **soltanto** il client del Browser Tor per desktop, idealmente in una configurazione [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os). Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/it/vpn.md b/i18n/it/vpn.md
index dc6483ca..0456f595 100644
--- a/i18n/it/vpn.md
+++ b/i18n/it/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo di sorveglianza](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/ja/alternative-networks.md b/i18n/ja/alternative-networks.md
index e7324ae1..2066f924 100644
--- a/i18n/ja/alternative-networks.md
+++ b/i18n/ja/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. 個人や組織は、プライバシーを損なうことなく、Torネットワーク上で「.onion 秘匿サービス」による情報共有が可能です。 Torトラフィックはブロックや追跡が困難であるため、Torは効果的な検閲回避ツールです。
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. 個人や組織は、プライバシーを損なうことなく、Torネットワーク上で「.onion 秘匿サービス」による情報共有が可能です。 Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/ja/android/distributions.md b/i18n/ja/android/distributions.md
index a911ca54..8745a03d 100644
--- a/i18n/ja/android/distributions.md
+++ b/i18n/ja/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/ja/android/general-apps.md b/i18n/ja/android/general-apps.md
index f2836e65..1c4e5c99 100644
--- a/i18n/ja/android/general-apps.md
+++ b/i18n/ja/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/ja/browser-extensions.md b/i18n/ja/browser-extensions.md
index 9c77380b..15325492 100644
--- a/i18n/ja/browser-extensions.md
+++ b/i18n/ja/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ja/calendar.md b/i18n/ja/calendar.md
index f6fa0396..d0c1f7ed 100644
--- a/i18n/ja/calendar.md
+++ b/i18n/ja/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: パッシブ攻撃](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/ja/cloud.md b/i18n/ja/cloud.md
index 4609e657..5643e621 100644
--- a/i18n/ja/cloud.md
+++ b/i18n/ja/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: パッシブ攻撃](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. 以下に示す選択肢では、安全なE2EEが実装されているため、サービス提供元を信頼する必要はありません。
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/ja/cryptocurrency.md b/i18n/ja/cryptocurrency.md
index 949b07da..a893756f 100644
--- a/i18n/ja/cryptocurrency.md
+++ b/i18n/ja/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: 検閲](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[プライベートな支払い :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Making payments online is one of the biggest challenges to privacy. These crypto
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/ja/desktop-browsers.md b/i18n/ja/desktop-browsers.md
index 82965844..6d9f860c 100644
--- a/i18n/ja/desktop-browsers.md
+++ b/i18n/ja/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. 強力なプライバシー保護とフィンガープリント対策を重視する場合は[Mullvad Browser](#mullvad-browser)を、カジュアルなブラウジングやGoogle Chromeの良い代替品を探している場合は[Firefox](#firefox)を、Chromiumブラウザとの互換性が必要な場合は[Brave](#brave)をおすすめします。
匿名でインターネットを閲覧するには、[Tor](tor.md)を使用してください。 このページではいくつかの設定をおすすめしていますが、Tor Browser以外のブラウザは、何らかの方法で、*誰かしら*が、あなたを追跡できます。
@@ -65,9 +69,9 @@ These are our currently recommended **desktop web browsers** and configurations
-{ align=right }
+{ align=right }
-**Mullvad Browser**はVPNユーザーにTor Browserのフィンガープリント対策のブラウザ技術を提供することを目的とした、Torネットワークへの接続機能のない[Tor Browser](tor.md#tor-browser)です。 Tor Projectが開発し、[Mullvad](vpn.md#mullvad)が配布しています。MullvadのVPNを使用する必要は**ありません**。
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. Tor Projectが開発し、[Mullvad](vpn.md#mullvad)が配布しています。MullvadのVPNを使用する必要は**ありません**。
[:octicons-home-16: ホームページ](https://mullvad.net/ja/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/ja/help/privacy-policy){ .card-link title="プライバシーポリシー" }
diff --git a/i18n/ja/device-integrity.md b/i18n/ja/device-integrity.md
index 285d3a0e..fc50c878 100644
--- a/i18n/ja/device-integrity.md
+++ b/i18n/ja/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## オンデバイス・スキャナー
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ja/dns.md b/i18n/ja/dns.md
index 5f0b7139..b9b1b4a5 100644
--- a/i18n/ja/dns.md
+++ b/i18n/ja/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Encrypted DNS with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. Encrypted DNS will not help you hide any of your browsing activity.
[DNSの詳細 :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/ja/document-collaboration.md b/i18n/ja/document-collaboration.md
index 0b8c544e..273524d0 100644
--- a/i18n/ja/document-collaboration.md
+++ b/i18n/ja/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/ja/email-aliasing.md b/i18n/ja/email-aliasing.md
index 3e5fc60f..88515318 100644
--- a/i18n/ja/email-aliasing.md
+++ b/i18n/ja/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/ja/encryption.md b/i18n/ja/encryption.md
index d1c26268..aa9c2fd4 100644
--- a/i18n/ja/encryption.md
+++ b/i18n/ja/encryption.md
@@ -14,11 +14,15 @@ cover: encryption.webp
### Cryptomator(クラウド)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: パッシブ攻撃](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt(ファイル)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt(ディスク)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OSのフルディスク暗号化
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## コマンドライン
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: パッシブ攻撃](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/ja/file-sharing.md b/i18n/ja/file-sharing.md
index eeb4112a..0dd55d9f 100644
--- a/i18n/ja/file-sharing.md
+++ b/i18n/ja/file-sharing.md
@@ -5,6 +5,10 @@ description: デバイス間、友人や家族、または匿名でオンライ
cover: file-sharing.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
デバイス間、友人や家族、または匿名でオンライン上でファイルをプライベートに共有する方法をご紹介します。
## ファイル共有
@@ -37,9 +41,9 @@ ffsend upload --host https://send.vis.ee/ FILE
-{ align=right }
+{ align=right }
-**OnionShare**は、あらゆるサイズのファイルを安全かつ匿名で共有できるオープンソースのツールです。 Torオニオン・サービスとしてアクセスできるウェブサーバーを起動し、ファイルのダウンロードまたは送信に用いられる、推測不可能なURLをファイルの受信者と共有するという形で機能します。
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Torオニオン・サービスとしてアクセスできるウェブサーバーを起動し、ファイルのダウンロードまたは送信に用いられる、推測不可能なURLをファイルの受信者と共有するという形で機能します。
[:octicons-home-16: ホームページ](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### 規準
**私たちは、推薦するどのプロジェクトとも提携していません。**客観的に推薦できるよう、[標準となる規準](about/criteria.md)に加えて、一連の明確な要件を定めています。 プロジェクトを利用する前に、このリストをよく理解し、ご自身で調査を行って、そのプロジェクトがあなたにとって適切な選択かどうかをご確認ください。
diff --git a/i18n/ja/language-tools.md b/i18n/ja/language-tools.md
index ac2648b6..267fdb13 100644
--- a/i18n/ja/language-tools.md
+++ b/i18n/ja/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/ja/mobile-browsers.md b/i18n/ja/mobile-browsers.md
index 5dfd67d0..da042115 100644
--- a/i18n/ja/mobile-browsers.md
+++ b/i18n/ja/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. 匿名でインターネットを閲覧するには、[Tor](tor.md)を使用してください。
## Android
diff --git a/i18n/ja/mobile-phones.md b/i18n/ja/mobile-phones.md
index 0db21ff5..8c7a74b3 100644
--- a/i18n/ja/mobile-phones.md
+++ b/i18n/ja/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/ja/multi-factor-authentication.md b/i18n/ja/multi-factor-authentication.md
index b7373ecd..ae36cb59 100644
--- a/i18n/ja/multi-factor-authentication.md
+++ b/i18n/ja/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/ja/notebooks.md b/i18n/ja/notebooks.md
index 3040c72f..2fdadb17 100644
--- a/i18n/ja/notebooks.md
+++ b/i18n/ja/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
第三者による閲覧を防止しながら、メモや日記を保存できます。
現在、Evernote、Google Keep、Microsoft OneNoteなどを使用している場合は、ここに掲載されたエンドツーエンド暗号化対応のアプリケーションに移行することをおすすめします。
diff --git a/i18n/ja/os/ios-overview.md b/i18n/ja/os/ios-overview.md
index 860771d3..7d37a9a5 100644
--- a/i18n/ja/os/ios-overview.md
+++ b/i18n/ja/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/ja/passwords.md b/i18n/ja/passwords.md
index ebc71cfc..1626ccf0 100644
--- a/i18n/ja/passwords.md
+++ b/i18n/ja/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: パッシブ攻撃](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/ja/photo-management.md b/i18n/ja/photo-management.md
index 1591632d..844ca34c 100644
--- a/i18n/ja/photo-management.md
+++ b/i18n/ja/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/ja/real-time-communication.md b/i18n/ja/real-time-communication.md
index 9e98140f..dcb2404a 100644
--- a/i18n/ja/real-time-communication.md
+++ b/i18n/ja/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: パッシブ攻撃](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ja/security-keys.md b/i18n/ja/security-keys.md
index 19a84dac..dd855a0a 100644
--- a/i18n/ja/security-keys.md
+++ b/i18n/ja/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/ja/tools.md b/i18n/ja/tools.md
index 255ba9e6..658dd4de 100644
--- a/i18n/ja/tools.md
+++ b/i18n/ja/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/ja/tor.md b/i18n/ja/tor.md
index c440b441..f9c14e75 100644
--- a/i18n/ja/tor.md
+++ b/i18n/ja/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: 検閲](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. 個人や組織は、プライバシーを損なうことなく、Torネットワーク上で「.onion 秘匿サービス」による情報共有が可能です。 Torトラフィックはブロックや追跡が困難であるため、Torは効果的な検閲回避ツールです。
[Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-デバイスからTorネットワークに接続する様々な方法がありますが、 デスクトップコンピューターやAndroid用の匿名ブラウジング用に設計された、Firefoxのフォークの**Tor Browser**が最も一般的に使用されています。
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/ja/vpn.md b/i18n/ja/vpn.md
index 955cdb83..1e9bce41 100644
--- a/i18n/ja/vpn.md
+++ b/i18n/ja/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/ko/alternative-networks.md b/i18n/ko/alternative-networks.md
index 97118604..d9e5d60a 100644
--- a/i18n/ko/alternative-networks.md
+++ b/i18n/ko/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. 개인 및 단체는 'Onion hidden 서비스'를 통해, 프라이버시를 침해받는 일 없이 Tor 네트워크에서 정보를 공유할 수 있습니다. Tor 트래픽은 차단 및 추적이 어렵기 때문에 검열 우회에 효과적입니다.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. 개인 및 단체는 'Onion hidden 서비스'를 통해, 프라이버시를 침해받는 일 없이 Tor 네트워크에서 정보를 공유할 수 있습니다. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/ko/android/distributions.md b/i18n/ko/android/distributions.md
index e77738c9..f1602949 100644
--- a/i18n/ko/android/distributions.md
+++ b/i18n/ko/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/ko/android/general-apps.md b/i18n/ko/android/general-apps.md
index fd147ad2..d1e3a321 100644
--- a/i18n/ko/android/general-apps.md
+++ b/i18n/ko/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/ko/browser-extensions.md b/i18n/ko/browser-extensions.md
index 8dbdc9b3..6eaa3059 100644
--- a/i18n/ko/browser-extensions.md
+++ b/i18n/ko/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ko/calendar.md b/i18n/ko/calendar.md
index 29ac1ecd..38269b6c 100644
--- a/i18n/ko/calendar.md
+++ b/i18n/ko/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 수동적 공격(Passive Attacks)](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 서비스 제공자/제공 업체(Service Providers)](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/ko/cloud.md b/i18n/ko/cloud.md
index 1dd1d65c..d6785270 100644
--- a/i18n/ko/cloud.md
+++ b/i18n/ko/cloud.md
@@ -6,6 +6,11 @@ description: 대부분의 클라우드 스토리지 제공 업체는, 업체가
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 수동적 공격(Passive Attacks)](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 서비스 제공자/제공 업체(Service Providers)](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. 아래에 제시된 대안은 E2EE 보안을 구현하여 '신뢰'의 필요성을 처음부터 제거합니다.
이러한 대안들이 여러분의 요구에 맞지 않는 경우, 다른 클라우드 제공 업체를 [Cryptomator](encryption.md#cryptomator-cloud) 등의 암호화 소프트웨어와 함께 사용할 것을 권장합니다. **어떤** 클라우드 제공 업체든(본 목록 포함), Cryptomator를 함께 사용함으로써 제공 업체의 기본 클라이언트에서 발생할 수 있는 암호화 결함 위험성을 낮출 수 있습니다.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/ko/cryptocurrency.md b/i18n/ko/cryptocurrency.md
index a9020aea..a5205e1b 100644
--- a/i18n/ko/cryptocurrency.md
+++ b/i18n/ko/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: 대중 감시(Mass Surveillance)](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: 검열(Censorship)](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
온라인 결제는 프라이버시에 있어서 매우 큰 문제입니다. 다음과 같은 암호화폐는 여러분이 프라이버시를 보호하면서 결제를 하는 방법에 대해 충분한 이해를 갖춘 경우, 거래 프라이버시를 기본적으로 제공합니다.(대부분의 암호화폐는 거래 프라이버시를 보장하지 **않습니다**.) 무엇인가를 구매하기에 앞서, Privacy Guides에서 결제 개요 문서를 읽어보실 것을 강력히 권장드립니다:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -20,9 +25,9 @@ cover: cryptocurrency.webp
-{ align=right }
+{ align=right }
-**Monero**는 거래를 난독화하여 익명성을 확보하는 프라이버시 강화 기술이 적용된 블록체인을 사용합니다. 모든 Monero 거래는 거래 금액, 송수신 주소, 자금 출처가 숨겨지므로 암호화폐 초심자에게 이상적인 선택입니다.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. 모든 Monero 거래는 거래 금액, 송수신 주소, 자금 출처가 숨겨지므로 암호화폐 초심자에게 이상적인 선택입니다.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/ko/desktop-browsers.md b/i18n/ko/desktop-browsers.md
index cd31c416..54a444a0 100644
--- a/i18n/ko/desktop-browsers.md
+++ b/i18n/ko/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: 감시 자본주의(Surveillance Capitalism)](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. 강력한 프라이버시 보호 및 핑거프린팅 방지가 기본 제공되는 브라우저를 원하신다면 [Mullvad Browser](#mullvad-browser)를, 평범한 인터넷 브라우저 중 Google Chrome의 적절한 대체제를 원하신다면 [Firefox](#firefox)를, Chromium 브라우저 호환성이 필요하시다면 [Brave](#brave)를 추천드립니다.
익명으로 인터넷을 탐색해야 하는 경우라면, [Tor](tor.md)를 사용해야 합니다. 본 내용에서 몇 가지 권장 설정을 알려드리고 있지만, Tor 브라우저를 제외한 모든 브라우저는 *누군가* 어떻게든 추적할 수 있습니다.
@@ -65,9 +69,9 @@ These are our currently recommended **desktop web browsers** and configurations
-{ align=right }
+{ align=right }
-**Mullvad Browser**는 [Tor 브라우저](tor.md#tor-browser)에서 Tor 네트워크 통합을 제거한 버전입니다. Tor 브라우저의 핑거프린팅 방지 브라우저 기술을 VPN 사용자에게 제공하는 것을 주된 목적으로 합니다. Tor 프로젝트에서 개발하고 [Mullvad](vpn.md#mullvad)에서 배포합니다. Mullvad VPN 사용이 필수적이지 **않습니다**.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. Tor 프로젝트에서 개발하고 [Mullvad](vpn.md#mullvad)에서 배포합니다. Mullvad VPN 사용이 필수적이지 **않습니다**.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ko/device-integrity.md b/i18n/ko/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/ko/device-integrity.md
+++ b/i18n/ko/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ko/dns.md b/i18n/ko/dns.md
index fda02916..5c524f9a 100644
--- a/i18n/ko/dns.md
+++ b/i18n/ko/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: 감시 자본주의(Surveillance Capitalism)](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
제3자 서버를 사용하는 암호화 DNS는 기본적인 [DNS 차단](https://en.wikipedia.org/wiki/DNS_blocking)을 우회하는 용도로만, 그리고 아무런 문제가 발생하지 않을 것이라고 확신할 수 있는 경우에만 사용해야 합니다. 암호화 DNS는 여러분의 브라우저 탐색 활동을 숨기는 데에 전혀 도움이 되지 않습니다.
[DNS 자세히 알아보기 :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/ko/document-collaboration.md b/i18n/ko/document-collaboration.md
index 2310f6dc..c0188a55 100644
--- a/i18n/ko/document-collaboration.md
+++ b/i18n/ko/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/ko/email-aliasing.md b/i18n/ko/email-aliasing.md
index 4014c611..b0eb6633 100644
--- a/i18n/ko/email-aliasing.md
+++ b/i18n/ko/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/ko/encryption.md b/i18n/ko/encryption.md
index 5a649c7f..0647fed4 100644
--- a/i18n/ko/encryption.md
+++ b/i18n/ko/encryption.md
@@ -14,10 +14,15 @@ cover: encryption.webp
### Cryptomator (클라우드)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 수동적 공격(Passive Attacks)](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
-{ align=right }
-**Cryptomator**는 다양한 클라우드와 호환되도록 설계된 파일 암호화 솔루션입니다. 가상 드라이브에 Vault라고 불리는 파일 저장소를 생성할 수 있고, 여기에 저장된 파일들은 암호화되며 자동으로 클라우드와 동기화됩니다.
+{ align=right }
+
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. 가상 드라이브에 Vault라고 불리는 파일 저장소를 생성할 수 있고, 여기에 저장된 파일들은 암호화되며 자동으로 클라우드와 동기화됩니다.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -48,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (파일)
+
Protects against the following threat(s):
+
+- [:material-target-account: 표적 공격(Targeted Attacks)](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -71,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (디스크)
+
Protects against the following threat(s):
+
+- [:material-target-account: 표적 공격(Targeted Attacks)](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -102,6 +115,10 @@ Truecrypt는 [여러 차례 감사 받은 이력이 있으며](https://en.wikipe
## OS 전체 디스크 암호화
+
Protects against the following threat(s):
+
+- [:material-target-account: 표적 공격(Targeted Attacks)](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -226,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## 커맨드라인
+
Protects against the following threat(s):
+
+- [:material-target-account: 표적 공격(Targeted Attacks)](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
커맨드라인 인터페이스가 존재하는 툴은 [Shell 스크립트](https://ko.wikipedia.org/wiki/%EC%85%B8_%EC%8A%A4%ED%81%AC%EB%A6%BD%ED%8A%B8)에 통합하는 용도로 유용합니다.
### Kryptor
@@ -272,6 +293,12 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## OpenPGP
+
Protects against the following threat(s):
+
+- [:material-target-account: 표적 공격(Targeted Attacks)](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: 수동적 공격(Passive Attacks)](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 서비스 제공자/제공 업체(Service Providers)](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/ko/file-sharing.md b/i18n/ko/file-sharing.md
index 6d2c1475..3c913e66 100644
--- a/i18n/ko/file-sharing.md
+++ b/i18n/ko/file-sharing.md
@@ -5,6 +5,10 @@ description: 기기 간에, 친구 및 가족과, 혹은 익명으로 온라인
cover: file-sharing.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: 서비스 제공자/제공 업체(Service Providers)](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
기기 간에, 친구 및 가족과, 혹은 익명으로 온라인 상에서 파일을 개인적으로 공유하는 방법을 알아보세요.
## 파일 공유
@@ -37,9 +41,9 @@ ffsend upload --host https://send.vis.ee/ FILE
-{ align=right }
+{ align=right }
-**OnionShare**는 파일 크기에 관계 없이 안전하게 익명으로 공유할 수 있는 오픈 소스 툴입니다. Tor Onion 서비스로 접근 가능한 웹 서버를 실행하고, 추론 불가능한 URL을 수신자와 공유하여 파일을 다운로드하거나 전송하는 방식으로 작동합니다.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Tor Onion 서비스로 접근 가능한 웹 서버를 실행하고, 추론 불가능한 URL을 수신자와 공유하여 파일을 다운로드하거나 전송하는 방식으로 작동합니다.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### 평가 기준
**Privacy Guides는 권장 목록의 어떠한 프로젝트와도 제휴를 맺지 않았습니다.** 객관적인 권장 목록을 제공하기 위해, [일반적인 평가 기준](about/criteria.md)에 더해 명확한 요구 사항을 정립하였습니다. 어떠한 프로젝트를 선택해 사용하기 전에, 이러한 요구 사항들을 숙지하고 여러분 스스로 조사하는 과정을 거쳐 적절한 선택을 하시기 바랍니다.
diff --git a/i18n/ko/language-tools.md b/i18n/ko/language-tools.md
index 4f8058eb..38a30954 100644
--- a/i18n/ko/language-tools.md
+++ b/i18n/ko/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/ko/mobile-browsers.md b/i18n/ko/mobile-browsers.md
index 686be2bc..fa85f578 100644
--- a/i18n/ko/mobile-browsers.md
+++ b/i18n/ko/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: 감시 자본주의(Surveillance Capitalism)](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. 익명으로 인터넷을 탐색해야 하는 경우라면, [Tor](tor.md)를 사용해야 합니다.
## Android
diff --git a/i18n/ko/mobile-phones.md b/i18n/ko/mobile-phones.md
index 455774ca..2acc8bc1 100644
--- a/i18n/ko/mobile-phones.md
+++ b/i18n/ko/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/ko/multi-factor-authentication.md b/i18n/ko/multi-factor-authentication.md
index b4e729e8..7f1e0e1c 100644
--- a/i18n/ko/multi-factor-authentication.md
+++ b/i18n/ko/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: 표적 공격(Targeted Attacks)](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/ko/notebooks.md b/i18n/ko/notebooks.md
index 2201f8a9..e3970dee 100644
--- a/i18n/ko/notebooks.md
+++ b/i18n/ko/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: 서비스 제공자/제공 업체(Service Providers)](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
여러분의 노트 내용이나 일기를 제3자가 볼 수 없도록 관리하세요.
현재 Evernote, Google Keep, Microsoft OneNote와 같은 애플리케이션을 사용하고 계시다면, 여기에서 E2EE를 지원하는 대체제를 선택해 보실 것을 권장드립니다.
diff --git a/i18n/ko/os/ios-overview.md b/i18n/ko/os/ios-overview.md
index ddc3cf75..e6073f64 100644
--- a/i18n/ko/os/ios-overview.md
+++ b/i18n/ko/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/ko/passwords.md b/i18n/ko/passwords.md
index 3e278346..5347fecc 100644
--- a/i18n/ko/passwords.md
+++ b/i18n/ko/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: 표적 공격(Targeted Attacks)](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: 수동적 공격(Passive Attacks)](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 서비스 제공자/제공 업체(Service Providers)](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[비밀번호 입문 :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/ko/photo-management.md b/i18n/ko/photo-management.md
index 8530b510..5deb6d18 100644
--- a/i18n/ko/photo-management.md
+++ b/i18n/ko/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/ko/real-time-communication.md b/i18n/ko/real-time-communication.md
index ea0bf4f6..94dd8787 100644
--- a/i18n/ko/real-time-communication.md
+++ b/i18n/ko/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 수동적 공격(Passive Attacks)](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 서비스 제공자/제공 업체(Service Providers)](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: 대중 감시(Mass Surveillance)](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: 감시 자본주의(Surveillance Capitalism)](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[통신 네트워크 유형 :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -65,9 +72,9 @@ Signal 설치 구성 및 보안 강화 관련 도움말이 필요하신 분은
-{ align=right }
+{ align=right }
-**SimpleX** Chat은 탈중앙화 메신저입니다. 전화번호나 사용자 아이디 등의 고유 식별자에 의존하지 않는 것이 특징입니다. SimpleX Chat에서는 QR 코드를 스캔하거나 초대 링크를 클릭하여 그룹 대화에 참여합니다.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. SimpleX Chat에서는 QR 코드를 스캔하거나 초대 링크를 클릭하여 그룹 대화에 참여합니다.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. 근거리에 있는 경우 Wi-Fi 혹은 Bluetooth를 통해 연결하는 것도 가능합니다. Briar 로컬 메시 모드는 인터넷을 제대로 사용할 수 없는 상황에도 유용합니다.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. 근거리에 있는 경우 Wi-Fi 혹은 Bluetooth를 통해 연결하는 것도 가능합니다. Briar 로컬 메시 모드는 인터넷을 제대로 사용할 수 없는 상황에도 유용합니다.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ko/security-keys.md b/i18n/ko/security-keys.md
index f330c760..52609952 100644
--- a/i18n/ko/security-keys.md
+++ b/i18n/ko/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/ko/tools.md b/i18n/ko/tools.md
index c77c7345..3e9d2565 100644
--- a/i18n/ko/tools.md
+++ b/i18n/ko/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/ko/tor.md b/i18n/ko/tor.md
index 159bdd50..a0d3d217 100644
--- a/i18n/ko/tor.md
+++ b/i18n/ko/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: 감시 자본주의(Surveillance Capitalism)](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: 대중 감시(Mass Surveillance)](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: 검열(Censorship)](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. 개인 및 단체는 'Onion hidden 서비스'를 통해, 프라이버시를 침해받는 일 없이 Tor 네트워크에서 정보를 공유할 수 있습니다. Tor 트래픽은 차단 및 추적이 어렵기 때문에 검열 우회에 효과적입니다.
[자세한 Tor 개요 :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Tor에 연결하기 전에 [개요](advanced/tor-overview.md)에서 Tor가 무
-기기에서 Tor 네트워크에 연결하는 방법은 다양합니다. 가장 일반적으로 사용하는 방법은 데스크톱 PC와 Android 용으로 만들어진 **Tor 브라우저**(익명 브라우징을 위해 설계된 Firefox 포크)입니다.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Tor를 일상에서 사용하는 사용자가 증가한다면 Tor에 대한 부정적인 이미지를 해소할 수 있고, 정부 또는 ISP가 Tor 사용자 명단을 수집하는 행위의 가치를 줄일 수 있습니다.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor 브라우저
diff --git a/i18n/ko/vpn.md b/i18n/ko/vpn.md
index 01d49c0c..58a13b52 100644
--- a/i18n/ko/vpn.md
+++ b/i18n/ko/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: 감시 자본주의(Surveillance Capitalism)](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/ku-IQ/alternative-networks.md b/i18n/ku-IQ/alternative-networks.md
index 79017cee..4c8a6e25 100644
--- a/i18n/ku-IQ/alternative-networks.md
+++ b/i18n/ku-IQ/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/ku-IQ/android/distributions.md b/i18n/ku-IQ/android/distributions.md
index 339587be..c3c27e85 100644
--- a/i18n/ku-IQ/android/distributions.md
+++ b/i18n/ku-IQ/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/ku-IQ/android/general-apps.md b/i18n/ku-IQ/android/general-apps.md
index d13deac9..e3221737 100644
--- a/i18n/ku-IQ/android/general-apps.md
+++ b/i18n/ku-IQ/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/ku-IQ/browser-extensions.md b/i18n/ku-IQ/browser-extensions.md
index d5644115..f0a2bf5b 100644
--- a/i18n/ku-IQ/browser-extensions.md
+++ b/i18n/ku-IQ/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ku-IQ/calendar.md b/i18n/ku-IQ/calendar.md
index edcd57b4..e44bf1ee 100644
--- a/i18n/ku-IQ/calendar.md
+++ b/i18n/ku-IQ/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/ku-IQ/cloud.md b/i18n/ku-IQ/cloud.md
index 1b691f08..42467f65 100644
--- a/i18n/ku-IQ/cloud.md
+++ b/i18n/ku-IQ/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/ku-IQ/cryptocurrency.md b/i18n/ku-IQ/cryptocurrency.md
index 2fd5ccf5..348e2546 100644
--- a/i18n/ku-IQ/cryptocurrency.md
+++ b/i18n/ku-IQ/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/ku-IQ/desktop-browsers.md b/i18n/ku-IQ/desktop-browsers.md
index ec7094f4..b74767bc 100644
--- a/i18n/ku-IQ/desktop-browsers.md
+++ b/i18n/ku-IQ/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. We recommend [Mullvad Browser](#mullvad-browser) if you are focused on strong privacy protections and anti-fingerprinting out of the box, [Firefox](#firefox) for casual internet browsers looking for a good alternative to Google Chrome, and [Brave](#brave) if you need Chromium browser compatibility.
If you need to browse the internet anonymously, you should use [Tor](tor.md) instead. We make some configuration recommendations on this page, but all browsers other than Tor Browser will be traceable by *somebody* in some manner or another.
@@ -67,7 +71,7 @@ If you need to browse the internet anonymously, you should use [Tor](tor.md) ins
{ align=right }
-**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed, aimed at providing Tor Browser's anti-fingerprinting browser technologies to VPN users. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ku-IQ/device-integrity.md b/i18n/ku-IQ/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/ku-IQ/device-integrity.md
+++ b/i18n/ku-IQ/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ku-IQ/dns.md b/i18n/ku-IQ/dns.md
index 2ce045de..bd366fc5 100644
--- a/i18n/ku-IQ/dns.md
+++ b/i18n/ku-IQ/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
DNSـی شفرکراو تەنها دەبێت بەکار بهێنرێت لەگەڵ ڕاژەکاری لایەنی سێیەم بۆ تێپەڕاندنی [قەدەغەکردنێکی DNSـی](https://en.wikipedia.org/wiki/DNS_blocking) سادە. کاتێک دڵنیا دەبیت کە هیچ دەرئەنجامێک نابێت. DNSـی شفرکراو یارمەتیت نادات لە شاردنەوەی هیچ یەکێک لە چالاکیەکانی گەڕانت.
[دەربارەی DNS زیاتر فێربە:material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/ku-IQ/document-collaboration.md b/i18n/ku-IQ/document-collaboration.md
index 4f7ed135..9bf30ec2 100644
--- a/i18n/ku-IQ/document-collaboration.md
+++ b/i18n/ku-IQ/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/ku-IQ/email-aliasing.md b/i18n/ku-IQ/email-aliasing.md
index 2b447982..c2f4c549 100644
--- a/i18n/ku-IQ/email-aliasing.md
+++ b/i18n/ku-IQ/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/ku-IQ/encryption.md b/i18n/ku-IQ/encryption.md
index da9ff73b..4e15e295 100644
--- a/i18n/ku-IQ/encryption.md
+++ b/i18n/ku-IQ/encryption.md
@@ -14,11 +14,15 @@ The options listed here are multi-platform and great for creating encrypted back
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/ku-IQ/file-sharing.md b/i18n/ku-IQ/file-sharing.md
index cfe78654..65d61df7 100644
--- a/i18n/ku-IQ/file-sharing.md
+++ b/i18n/ku-IQ/file-sharing.md
@@ -5,6 +5,10 @@ description: Discover how to privately share your files between your devices, wi
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
## File Sharing
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/ku-IQ/language-tools.md b/i18n/ku-IQ/language-tools.md
index 1f6f756c..b69f9ff1 100644
--- a/i18n/ku-IQ/language-tools.md
+++ b/i18n/ku-IQ/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/ku-IQ/mobile-browsers.md b/i18n/ku-IQ/mobile-browsers.md
index 1fdcb7a1..82ebedc0 100644
--- a/i18n/ku-IQ/mobile-browsers.md
+++ b/i18n/ku-IQ/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead.
## Android
diff --git a/i18n/ku-IQ/mobile-phones.md b/i18n/ku-IQ/mobile-phones.md
index 05d9bc84..c65b0814 100644
--- a/i18n/ku-IQ/mobile-phones.md
+++ b/i18n/ku-IQ/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/ku-IQ/multi-factor-authentication.md b/i18n/ku-IQ/multi-factor-authentication.md
index 6155ae93..87185132 100644
--- a/i18n/ku-IQ/multi-factor-authentication.md
+++ b/i18n/ku-IQ/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/ku-IQ/notebooks.md b/i18n/ku-IQ/notebooks.md
index d450ba8b..27e9eada 100644
--- a/i18n/ku-IQ/notebooks.md
+++ b/i18n/ku-IQ/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Keep track of your notes and journalings without giving them to a third-party.
If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports E2EE.
diff --git a/i18n/ku-IQ/os/ios-overview.md b/i18n/ku-IQ/os/ios-overview.md
index b0935919..0100a6f3 100644
--- a/i18n/ku-IQ/os/ios-overview.md
+++ b/i18n/ku-IQ/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/ku-IQ/passwords.md b/i18n/ku-IQ/passwords.md
index d86cbfb0..c4cb82c1 100644
--- a/i18n/ku-IQ/passwords.md
+++ b/i18n/ku-IQ/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/ku-IQ/photo-management.md b/i18n/ku-IQ/photo-management.md
index 89f3a7d0..c526c59a 100644
--- a/i18n/ku-IQ/photo-management.md
+++ b/i18n/ku-IQ/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/ku-IQ/real-time-communication.md b/i18n/ku-IQ/real-time-communication.md
index 4bd1f966..4194f9c2 100644
--- a/i18n/ku-IQ/real-time-communication.md
+++ b/i18n/ku-IQ/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ku-IQ/security-keys.md b/i18n/ku-IQ/security-keys.md
index 4c60d2c0..5fb71cc3 100644
--- a/i18n/ku-IQ/security-keys.md
+++ b/i18n/ku-IQ/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/ku-IQ/tools.md b/i18n/ku-IQ/tools.md
index 4cd366ab..efe7e514 100644
--- a/i18n/ku-IQ/tools.md
+++ b/i18n/ku-IQ/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/ku-IQ/tor.md b/i18n/ku-IQ/tor.md
index 0f82d89f..5b2163c2 100644
--- a/i18n/ku-IQ/tor.md
+++ b/i18n/ku-IQ/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
[Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/ku-IQ/vpn.md b/i18n/ku-IQ/vpn.md
index d683c7e2..3ecba48a 100644
--- a/i18n/ku-IQ/vpn.md
+++ b/i18n/ku-IQ/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/nl/alternative-networks.md b/i18n/nl/alternative-networks.md
index b7e6aa59..546eeaab 100644
--- a/i18n/nl/alternative-networks.md
+++ b/i18n/nl/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuen en organisaties kunnen ook informatie delen via het Tor-netwerk met ".onion hidden services" zonder hun privacy in gevaar te brengen. Omdat Tor-verkeer moeilijk te blokkeren en te traceren is, is Tor een effectief middel om censuur te omzeilen.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuen en organisaties kunnen ook informatie delen via het Tor-netwerk met ".onion hidden services" zonder hun privacy in gevaar te brengen. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/nl/android/distributions.md b/i18n/nl/android/distributions.md
index 79a52bb1..e69caa07 100644
--- a/i18n/nl/android/distributions.md
+++ b/i18n/nl/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/nl/android/general-apps.md b/i18n/nl/android/general-apps.md
index 111138c4..6b77b17f 100644
--- a/i18n/nl/android/general-apps.md
+++ b/i18n/nl/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/nl/browser-extensions.md b/i18n/nl/browser-extensions.md
index c78bdbf7..5eb52819 100644
--- a/i18n/nl/browser-extensions.md
+++ b/i18n/nl/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/nl/calendar.md b/i18n/nl/calendar.md
index fdb20d88..7833670f 100644
--- a/i18n/nl/calendar.md
+++ b/i18n/nl/calendar.md
@@ -5,6 +5,11 @@ description: Agenda's bevatten een aantal van je meest gevoelige gegevens; gebru
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passieve aanvallen](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Dienstverleners](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Agenda's** bevatten een aantal van je meest gevoelige gegevens; gebruik producten die E2EE implementeren om te voorkomen dat een provider ze kan lezen.
## Tuta
diff --git a/i18n/nl/cloud.md b/i18n/nl/cloud.md
index a7945623..357679d0 100644
--- a/i18n/nl/cloud.md
+++ b/i18n/nl/cloud.md
@@ -6,6 +6,11 @@ description: Veel aanbieders van cloud-opslag eisen jouw volledige vertrouwen da
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passieve aanvallen](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Dienstverleners](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. De onderstaande alternatieven elimineren de noodzaak van vertrouwen door veilige E2EE te implementeren.
Als deze alternatieven niet aan jouw behoeften voldoen, raden wij je aan te kijken naar het gebruik van encryptiesoftware zoals [Cryptomator](encryption.md#cryptomator-cloud) met een andere cloud provider. Het gebruik van Cryptomator in combinatie met **elke** cloud provider (inclusief deze) kan een goed idee zijn om het risico van versleutelingsfouten in de native clients van een provider te verminderen.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/nl/cryptocurrency.md b/i18n/nl/cryptocurrency.md
index 66a06673..29b1e417 100644
--- a/i18n/nl/cryptocurrency.md
+++ b/i18n/nl/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Massabewaking](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censuur](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Online betalen is een van de grootste uitdagingen voor privacy. Deze cryptocurrencies bieden standaard transactieprivacy (iets wat door de meeste cryptocurrencies **niet** wordt gegarandeerd), mits je goed begrijpt hoe je private betalingen effectief kunt uitvoeren. Wij raden je sterk aan eerst ons overzichtsartikel over betalingen te lezen voordat je aankopen doet:
[Privébetalingen maken :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Veel zo niet de meeste cryptocurrency projecten zijn zwendel. Voer transacties z
{ align=right }
-**Monero** gebruikt een blockchain met privacyverbeterende technologieën die transacties versluieren om anonimiteit te bereiken. Elke Monero-transactie verbergt het transactiebedrag, het verzenden en ontvangen van adressen en de bron van fondsen zonder hoepels om doorheen te springen, waardoor het een ideale keuze is voor beginners met cryptocurrency.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Elke Monero-transactie verbergt het transactiebedrag, het verzenden en ontvangen van adressen en de bron van fondsen zonder hoepels om doorheen te springen, waardoor het een ideale keuze is voor beginners met cryptocurrency.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/nl/desktop-browsers.md b/i18n/nl/desktop-browsers.md
index 478e6975..4b0a59b1 100644
--- a/i18n/nl/desktop-browsers.md
+++ b/i18n/nl/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance kapitalisme](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. Wij bevelen [Mullvad Browser](#mullvad-browser) aan als je je richt op sterke privacybescherming en anti-vingerafdrukken uit de doos, [Firefox](#firefox) voor casual internetbrowsers op zoek naar een goed alternatief voor Google Chrome, en [Brave](#brave) als je Chromium-browsercompatibiliteit nodig hebt.
In het algemeen raden we aan om extensies tot een minimum te beperken: ze hebben geprivilegieerde toegang binnen jouw browser, vereisen dat je de ontwikkelaar vertrouwt, kunnen je [doen opvallen](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), en [verzwakken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-Uchnm34/m/lDaXwQhzBAAJ) site-isolatie. We doen op deze pagina enkele aanbevelingen voor de configuratie, maar alle andere browsers dan Tor Browser zullen op een of andere manier traceerbaar zijn via *iemand*.
@@ -65,9 +69,9 @@ In het algemeen raden we aan om extensies tot een minimum te beperken: ze hebben
-Mullvad Browser logo](assets/img/browsers/mullvad_browser.svg){ align=right }
+{ align=right }
-**Mullvad Browser** is een versie van [Tor Browser](tor.md#tor-browser) met zonder Tor netwerk integraties, gericht op het aanbieden van Tor Browser's anti-vingerafdruk browser technologieën aan VPN gebruikers. Het is ontwikkeld door het Tor Project en gedistribueerd door [Mullvad](vpn.md#mullvad), en vereist **niet** het gebruik van Mullvad's VPN.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. Het is ontwikkeld door het Tor Project en gedistribueerd door [Mullvad](vpn.md#mullvad), en vereist **niet** het gebruik van Mullvad's VPN.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary } [:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" } [:octicons-info-16:](https://mullvad.net/en/help/tag/mullvad-browser){ .card-link title=Documentation} [:octicons-code-16:](https://gitlab.torproject.org/tpo/applications/mullvad-browser){ .card-link title="Source Code" }
diff --git a/i18n/nl/device-integrity.md b/i18n/nl/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/nl/device-integrity.md
+++ b/i18n/nl/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/nl/dns.md b/i18n/nl/dns.md
index f61ac78a..f9fe6c60 100644
--- a/i18n/nl/dns.md
+++ b/i18n/nl/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance kapitalisme](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Versleutelde DNS met servers van derden zou alleen moeten worden gebruikt om simpele [DNS-blokkering](https://en.wikipedia.org/wiki/DNS_blocking) te omzeilen en als je er zeker van bent dat er geen gevolgen zullen zijn. Versleutelde DNS zal je niet helpen jouw surfactiviteiten te verbergen.
[Meer informatie over DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/nl/document-collaboration.md b/i18n/nl/document-collaboration.md
index b5ab91df..2f61482a 100644
--- a/i18n/nl/document-collaboration.md
+++ b/i18n/nl/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/nl/email-aliasing.md b/i18n/nl/email-aliasing.md
index 2b447982..c2f4c549 100644
--- a/i18n/nl/email-aliasing.md
+++ b/i18n/nl/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/nl/encryption.md b/i18n/nl/encryption.md
index a855b4e3..2fbc524a 100644
--- a/i18n/nl/encryption.md
+++ b/i18n/nl/encryption.md
@@ -14,11 +14,15 @@ De hier genoemde opties zijn multiplatform en zeer geschikt voor het maken van v
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passieve aanvallen](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is een encryptie-oplossing die is ontworpen voor het privé opslaan van bestanden bij elke cloudprovider. Hiermee kunt u kluizen maken die worden opgeslagen op een virtuele schijf, waarvan de inhoud wordt gecodeerd en gesynchroniseerd met uw cloudopslagprovider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. Hiermee kunt u kluizen maken die worden opgeslagen op een virtuele schijf, waarvan de inhoud wordt gecodeerd en gesynchroniseerd met uw cloudopslagprovider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (Bestand)
+
Protects against the following threat(s):
+
+- [:material-target-account: Gerichte aanvallen](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Schijf)
+
Protects against the following threat(s):
+
+- [:material-target-account: Gerichte aanvallen](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt is [een aantal keer gecontroleerd](https://en.wikipedia.org/wiki/TrueC
## OS Volledige Schijfversleuteling
+Protects against the following threat(s):
+
+- [:material-target-account: Gerichte aanvallen](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Gerichte aanvallen](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools met command-line interfaces zijn handig voor het integreren van [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools met command-line interfaces zijn handig voor het integreren van [shell scr
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Gerichte aanvallen](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passieve aanvallen](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Dienstverleners](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is soms nodig voor specifieke taken zoals het digitaal ondertekenen en versleutelen van e-mail. PGP heeft veel mogelijkheden en is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) omdat het al heel lang bestaat. Voor taken zoals het ondertekenen of versleutelen van bestanden, raden wij de bovenstaande opties aan.
Bij het versleutelen met PGP, heb je de optie om verschillende opties te configureren in het `gpg.conf` bestand. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/nl/file-sharing.md b/i18n/nl/file-sharing.md
index f4a135b1..57c95713 100644
--- a/i18n/nl/file-sharing.md
+++ b/i18n/nl/file-sharing.md
@@ -5,6 +5,10 @@ description: Ontdek hoe je jouw bestanden privé kunt delen tussen jouw apparate
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Dienstverleners](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Ontdek hoe je jouw bestanden privé kunt delen tussen jouw apparaten, met jouw vrienden en familie, of anoniem online.
## Bestanden Delen
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is een open-source tool waarmee je veilig en anoniem een bestand van elke grootte kunt delen. Het werkt door een webserver te starten die toegankelijk is als een Tor onion service, met een onleesbare URL die je met de ontvangers kunt delen om bestanden te downloaden of te verzenden.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Het werkt door een webserver te starten die toegankelijk is als een Tor onion service, met een onleesbare URL die je met de ontvangers kunt delen om bestanden te downloaden of te verzenden.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteria
**Wij zijn niet verbonden aan de projecten die wij aanbevelen.** Naast [onze standaardcriteria](about/criteria.md)hebben wij een duidelijke reeks eisen ontwikkeld om objectieve aanbevelingen te kunnen doen. Wij stellen voor dat je jezelf vertrouwd maakt met deze lijst voordat je een project kiest, en jouw eigen onderzoek uitvoert om er zeker van te zijn dat je de juiste keuze maakt.
diff --git a/i18n/nl/language-tools.md b/i18n/nl/language-tools.md
index 1124a579..4b1f2c90 100644
--- a/i18n/nl/language-tools.md
+++ b/i18n/nl/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/nl/mobile-browsers.md b/i18n/nl/mobile-browsers.md
index 4b4237f2..a04ae445 100644
--- a/i18n/nl/mobile-browsers.md
+++ b/i18n/nl/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance kapitalisme](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. In het algemeen raden we aan om extensies tot een minimum te beperken: ze hebben geprivilegieerde toegang binnen jouw browser, vereisen dat je de ontwikkelaar vertrouwt, kunnen je [doen opvallen](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), en [verzwakken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-Uchnm34/m/lDaXwQhzBAAJ) site-isolatie.
## Android
diff --git a/i18n/nl/mobile-phones.md b/i18n/nl/mobile-phones.md
index 4ba50eef..f0365f56 100644
--- a/i18n/nl/mobile-phones.md
+++ b/i18n/nl/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/nl/multi-factor-authentication.md b/i18n/nl/multi-factor-authentication.md
index 4167052f..5db87dcc 100644
--- a/i18n/nl/multi-factor-authentication.md
+++ b/i18n/nl/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Gerichte aanvallen](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/nl/notebooks.md b/i18n/nl/notebooks.md
index d1268d2f..f821843c 100644
--- a/i18n/nl/notebooks.md
+++ b/i18n/nl/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Dienstverleners](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Houd jouw notities en aantekeningen bij zonder ze aan derden te geven.
Als je momenteel een toepassing zoals Evernote, Google Keep of Microsoft OneNote gebruikt, raden wij je aan hier een alternatief te kiezen dat E2EE ondersteunt.
diff --git a/i18n/nl/os/ios-overview.md b/i18n/nl/os/ios-overview.md
index e11326d3..0c342358 100644
--- a/i18n/nl/os/ios-overview.md
+++ b/i18n/nl/os/ios-overview.md
@@ -42,7 +42,7 @@ Je kunt je gegevens ook beschermen door te beperken wat je synchroniseert met iC
Een betaald **iCloud+** abonnement (met elk iCloud opslagplan) wordt geleverd met een aantal privacybeschermende functies. Hoewel dit voldoende functionaliteit kan bieden voor huidige iCloud-klanten, zouden we het niet aanraden om puur en alleen voor deze functies een iCloud+-abonnement te kopen in plaats van een [VPN](../vpn.md) en [een aparte e-mailaliasing-service](../email-aliasing.md).
-**Privédoorgifte** is een proxyservice die je Safari-verkeer via twee servers doorstuurt: een van Apple en een van een externe provider (waaronder Akamai, Cloudflare en Fastly). In theorie zou dit er voor moeten zorgen dat geen enkele provider in de keten, inclusief Apple, volledig inzicht heeft in welke websites je bezoekt terwijl je verbonden bent. In tegenstelling tot een volledige VPN beschermt Privédoorgifte het verkeer van je apps buiten Safari niet.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theorie zou dit er voor moeten zorgen dat geen enkele provider in de keten, inclusief Apple, volledig inzicht heeft in welke websites je bezoekt terwijl je verbonden bent. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Verberg mijn e-mailadres** is de e-mailaliasingdienst van Apple. Je kunt gratis een e-mailalias aanmaken wanneer je *je aanmeldt met je Apple ID* op een website of app, of onbeperkt aliassen op aanvraag genereren met een betaald iCloud+-abonnement. Verberg mijn e-mailadres heeft het voordeel van het gebruik van het `@icloud.com` domein voor zijn aliassen, wat minder snel geblokkeerd wordt in vergelijking met andere e-mail aliasing diensten, maar biedt geen functionaliteit die geboden wordt door standalone diensten zoals automatische PGP encryptie of meerdere mailboxen ondersteuning.
diff --git a/i18n/nl/passwords.md b/i18n/nl/passwords.md
index 5fd393e2..aa27735b 100644
--- a/i18n/nl/passwords.md
+++ b/i18n/nl/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Gerichte aanvallen](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passieve aanvallen](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Dienstverleners](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Uitleg over wachtwoorden :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/nl/photo-management.md b/i18n/nl/photo-management.md
index 66924a40..235f9687 100644
--- a/i18n/nl/photo-management.md
+++ b/i18n/nl/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/nl/real-time-communication.md b/i18n/nl/real-time-communication.md
index e879ec91..4680a93b 100644
--- a/i18n/nl/real-time-communication.md
+++ b/i18n/nl/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passieve aanvallen](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Dienstverleners](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Massabewaking](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance kapitalisme](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Soorten communicatienetwerken :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We hebben nog enkele extra tips over het configureren en verharden van jouw sign
{ align=right }
-**SimpleX** Chat is een instant messenger die gedecentraliseerd is en niet afhankelijk is van unieke identifiers zoals telefoonnummers of gebruikersnamen. Berichten en bestanden die in privéruimten worden gedeeld (waarvoor een uitnodiging nodig is) zijn standaard E2EE, net als één-op-één spraak- en videogesprekken.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Berichten en bestanden die in privéruimten worden gedeeld (waarvoor een uitnodiging nodig is) zijn standaard E2EE, net als één-op-één spraak- en videogesprekken.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar kan ook verbinding maken via Wi-Fi of Bluetooth wanneer hij in de buurt is. Briar's lokale mesh-modus kan nuttig zijn wanneer de beschikbaarheid van internet een probleem is.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar kan ook verbinding maken via Wi-Fi of Bluetooth wanneer hij in de buurt is. Briar's lokale mesh-modus kan nuttig zijn wanneer de beschikbaarheid van internet een probleem is.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/nl/security-keys.md b/i18n/nl/security-keys.md
index 52708f2c..a6d248e3 100644
--- a/i18n/nl/security-keys.md
+++ b/i18n/nl/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/nl/tools.md b/i18n/nl/tools.md
index efe81775..5eabd6f2 100644
--- a/i18n/nl/tools.md
+++ b/i18n/nl/tools.md
@@ -31,6 +31,15 @@ Voor meer details over elk project, waarom ze werden gekozen, en extra tips of t
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/nl/tor.md b/i18n/nl/tor.md
index b949f8b4..7c24084e 100644
--- a/i18n/nl/tor.md
+++ b/i18n/nl/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance kapitalisme](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Massabewaking](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censuur](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuen en organisaties kunnen ook informatie delen via het Tor-netwerk met ".onion hidden services" zonder hun privacy in gevaar te brengen. Omdat Tor-verkeer moeilijk te blokkeren en te traceren is, is Tor een effectief middel om censuur te omzeilen.
[Gedetailleerd Tor-overzicht :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-Er zijn verschillende manieren om verbinding te maken met het Tor-netwerk vanaf je apparaat. De meest gebruikte is de **Tor Browser**, een fork van Firefox ontworpen voor anoniem browsen voor desktop computers en Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/nl/vpn.md b/i18n/nl/vpn.md
index de481b4d..87be0c99 100644
--- a/i18n/nl/vpn.md
+++ b/i18n/nl/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance kapitalisme](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/pl/alternative-networks.md b/i18n/pl/alternative-networks.md
index 79017cee..4c8a6e25 100644
--- a/i18n/pl/alternative-networks.md
+++ b/i18n/pl/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/pl/android/distributions.md b/i18n/pl/android/distributions.md
index 339587be..c3c27e85 100644
--- a/i18n/pl/android/distributions.md
+++ b/i18n/pl/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/pl/android/general-apps.md b/i18n/pl/android/general-apps.md
index d13deac9..e3221737 100644
--- a/i18n/pl/android/general-apps.md
+++ b/i18n/pl/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/pl/browser-extensions.md b/i18n/pl/browser-extensions.md
index d5644115..f0a2bf5b 100644
--- a/i18n/pl/browser-extensions.md
+++ b/i18n/pl/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pl/calendar.md b/i18n/pl/calendar.md
index 58e2d0eb..497e0274 100644
--- a/i18n/pl/calendar.md
+++ b/i18n/pl/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/pl/cloud.md b/i18n/pl/cloud.md
index 1b691f08..42467f65 100644
--- a/i18n/pl/cloud.md
+++ b/i18n/pl/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/pl/cryptocurrency.md b/i18n/pl/cryptocurrency.md
index 2fd5ccf5..348e2546 100644
--- a/i18n/pl/cryptocurrency.md
+++ b/i18n/pl/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/pl/desktop-browsers.md b/i18n/pl/desktop-browsers.md
index ff768baa..072eaed0 100644
--- a/i18n/pl/desktop-browsers.md
+++ b/i18n/pl/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
To są obecnie zalecane przez nas **przeglądarki internetowe** i konfiguracje dla przeglądania standardowego/nieanonimowego. Polecamy [Mullvad Browser](#mullvad-browser), jeśli koncentrujesz się na silnej ochronie prywatności i ochronie przed odciskami palców po instalacji, [Firefox](#firefox) dla standardowego przeglądania internetu jako dobra alternatywa dla Google Chrome, oraz [Brave](#brave), jeśli potrzebujesz kompatybilności z przeglądarką Chromium.
Jeśli chcesz przeglądać Internet anonimowo, powinieneś użyć [Tor](tor.md). Na tej stronie przedstawiamy pewne zalecenia dotyczące konfiguracji, ale wszystkie przeglądarki inne niż Tor Browser będą w taki czy inny sposób śledzone przez *kogoś*.
@@ -65,9 +69,9 @@ Jeśli chcesz przeglądać Internet anonimowo, powinieneś użyć [Tor](tor.md).
-{ align=right }
+{ align=right }
-**Mullvad Browser** to wersja [przeglądarki Tor](tor.md#tor-browser) z usuniętymi integracjami sieci Tor, mająca na celu dostarczenie technologii przeglądarki Tor Browser zapobiegającej odciskom palców użytkownikom VPN. Jest on rozwijany przez Tor Project i dystrybuowany przez [Mullvad](vpn.md#mullvad) i **nie** wymaga korzystania z VPN Mullvad.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. Jest on rozwijany przez Tor Project i dystrybuowany przez [Mullvad](vpn.md#mullvad) i **nie** wymaga korzystania z VPN Mullvad.
[:octicons-home-16: Strona główna](https://mullvad.net/pl/download/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/pl/help/privacy-policy/){ .card-link title="Polityka prywatności" }
diff --git a/i18n/pl/device-integrity.md b/i18n/pl/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/pl/device-integrity.md
+++ b/i18n/pl/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pl/dns.md b/i18n/pl/dns.md
index 7f8576c5..1db7522d 100644
--- a/i18n/pl/dns.md
+++ b/i18n/pl/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Encrypted DNS with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. Szyfrowany DNS nie pomoże Ci w ukryciu jakiejkolwiek aktywności w Internecie.
[Learn more about DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/pl/document-collaboration.md b/i18n/pl/document-collaboration.md
index 127d4c45..ad1a0602 100644
--- a/i18n/pl/document-collaboration.md
+++ b/i18n/pl/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/pl/email-aliasing.md b/i18n/pl/email-aliasing.md
index 2b447982..c2f4c549 100644
--- a/i18n/pl/email-aliasing.md
+++ b/i18n/pl/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/pl/encryption.md b/i18n/pl/encryption.md
index c0ae91de..06bd3603 100644
--- a/i18n/pl/encryption.md
+++ b/i18n/pl/encryption.md
@@ -14,11 +14,15 @@ Wymienione tutaj opcje są międzyplatformowe i świetnie nadają się do tworze
### Cryptomator (Chmura)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** to rozwiązanie szyfrujące zaprojektowane do prywatnego zapisywania plików do dowolnego dostawcy usług chmury. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/pl/file-sharing.md b/i18n/pl/file-sharing.md
index 5977a66b..7336d561 100644
--- a/i18n/pl/file-sharing.md
+++ b/i18n/pl/file-sharing.md
@@ -5,6 +5,10 @@ description: Dowiedz się, jak prywatnie udostępniać piki pomiędzy swoimi urz
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Dowiedz się, jak prywatnie udostępniać piki pomiędzy swoimi urządzeniami, ze znajomymi lub rodziną lub anonimowo w sieci.
## Udostępnianie plików
@@ -43,7 +47,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -61,6 +65,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/pl/language-tools.md b/i18n/pl/language-tools.md
index 08230ab1..8deab7e6 100644
--- a/i18n/pl/language-tools.md
+++ b/i18n/pl/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/pl/mobile-browsers.md b/i18n/pl/mobile-browsers.md
index 25cf0337..d6d1f750 100644
--- a/i18n/pl/mobile-browsers.md
+++ b/i18n/pl/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead.
## Android
diff --git a/i18n/pl/mobile-phones.md b/i18n/pl/mobile-phones.md
index 05d9bc84..c65b0814 100644
--- a/i18n/pl/mobile-phones.md
+++ b/i18n/pl/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/pl/multi-factor-authentication.md b/i18n/pl/multi-factor-authentication.md
index 2c5d1e14..db09a068 100644
--- a/i18n/pl/multi-factor-authentication.md
+++ b/i18n/pl/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/pl/notebooks.md b/i18n/pl/notebooks.md
index 141e36a9..2ec42af8 100644
--- a/i18n/pl/notebooks.md
+++ b/i18n/pl/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Prowadź swoje notatniki i dzienniki bez udostępniania ich stronom trzecim.
Jeśli obecnie używasz aplikacji, takiej jak Evernote, Google Keep lub Microsoft OneNote, sugerujemy, aby wybrać jedną z tych alternatyw, która obsługuje E2EE.
diff --git a/i18n/pl/os/ios-overview.md b/i18n/pl/os/ios-overview.md
index 830c3c67..15e445a5 100644
--- a/i18n/pl/os/ios-overview.md
+++ b/i18n/pl/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/pl/passwords.md b/i18n/pl/passwords.md
index dc104d7b..6bb23d32 100644
--- a/i18n/pl/passwords.md
+++ b/i18n/pl/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/pl/photo-management.md b/i18n/pl/photo-management.md
index 6fb951f9..e429d06f 100644
--- a/i18n/pl/photo-management.md
+++ b/i18n/pl/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/pl/real-time-communication.md b/i18n/pl/real-time-communication.md
index 4bd1f966..4194f9c2 100644
--- a/i18n/pl/real-time-communication.md
+++ b/i18n/pl/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pl/security-keys.md b/i18n/pl/security-keys.md
index 4c60d2c0..5fb71cc3 100644
--- a/i18n/pl/security-keys.md
+++ b/i18n/pl/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/pl/tools.md b/i18n/pl/tools.md
index 070b87d2..ee4b7cf9 100644
--- a/i18n/pl/tools.md
+++ b/i18n/pl/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/pl/tor.md b/i18n/pl/tor.md
index 0f82d89f..5b2163c2 100644
--- a/i18n/pl/tor.md
+++ b/i18n/pl/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
[Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/pl/vpn.md b/i18n/pl/vpn.md
index 5b716bce..2b15053d 100644
--- a/i18n/pl/vpn.md
+++ b/i18n/pl/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/pt-BR/alternative-networks.md b/i18n/pt-BR/alternative-networks.md
index 2d0a70b1..9c8429c8 100644
--- a/i18n/pt-BR/alternative-networks.md
+++ b/i18n/pt-BR/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Os indivíduos e organizações também podem compartilhar informações através da rede Tor com "serviços ocultos .onion", sem comprometer sua privacidade. Como o tráfego do Tor é difícil de bloquear e rastrear, o Tor é uma ferramenta eficaz para contornar a censura.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Os indivíduos e organizações também podem compartilhar informações através da rede Tor com "serviços ocultos .onion", sem comprometer sua privacidade. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/pt-BR/android/distributions.md b/i18n/pt-BR/android/distributions.md
index 339587be..c3c27e85 100644
--- a/i18n/pt-BR/android/distributions.md
+++ b/i18n/pt-BR/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/pt-BR/android/general-apps.md b/i18n/pt-BR/android/general-apps.md
index d13deac9..e3221737 100644
--- a/i18n/pt-BR/android/general-apps.md
+++ b/i18n/pt-BR/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/pt-BR/browser-extensions.md b/i18n/pt-BR/browser-extensions.md
index 897993fb..8fdef6fa 100644
--- a/i18n/pt-BR/browser-extensions.md
+++ b/i18n/pt-BR/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt-BR/calendar.md b/i18n/pt-BR/calendar.md
index 7f9708b8..88717c42 100644
--- a/i18n/pt-BR/calendar.md
+++ b/i18n/pt-BR/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques Passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/pt-BR/cloud.md b/i18n/pt-BR/cloud.md
index c3b8877d..10dcdeaa 100644
--- a/i18n/pt-BR/cloud.md
+++ b/i18n/pt-BR/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques Passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt-BR/cryptocurrency.md b/i18n/pt-BR/cryptocurrency.md
index f63031ff..068a12be 100644
--- a/i18n/pt-BR/cryptocurrency.md
+++ b/i18n/pt-BR/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Fazer pagamentos “on-line” é um dos maiores desafios à privacidade. Essas criptomoedas oferecem privacidade nas transações por padrão (algo que **não** é garantido pela maioria das criptomoedas), desde que você tenha um bom conhecimento de como fazer pagamentos privados de forma eficaz. Recomendamos fortemente que você leia primeiro nosso artigo de visão geral sobre pagamentos antes de fazer qualquer compra:
[Fazendo Pagamentos Privados :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/pt-BR/desktop-browsers.md b/i18n/pt-BR/desktop-browsers.md
index d782a362..2b104560 100644
--- a/i18n/pt-BR/desktop-browsers.md
+++ b/i18n/pt-BR/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. Recomendamos [Mullvad Browser](#mullvad-browser) se estiver interessado em fortes proteções de privacidade e anti-fingerprinting por padrão, o [Firefox](#firefox) para navegadores de internet comuns que buscam uma boa alternativa ao Google Chrome e o [Brave](#brave) se você precisar de compatibilidade com a engine Chromium.
Se você precisa navegar na internet de maneira anônima, você deveria usar o [Tor](tor.md) em vez disso. Temos algumas recomendações de configuração nessa página, mas todos os navegadores que não sejam o Tor Browser são rastreáveis por *alguém* de alguma maneira ou de outra.
@@ -67,7 +71,7 @@ Se você precisa navegar na internet de maneira anônima, você deveria usar o [
{ align=right }
-**Mullvad Browser** é uma versão do [Tor Browser](tor.md#tor-browser) com a integração na rede Tor removida, buscando providenciar as tecnologias anti-fingerprinting do Tor Browser para usuários de VPN. É desenvolvido pelo Projeto Tor e distribuído pela [Mullvad](vpn.md#mullvad), e **não** requer o uso da VPN da Mullvad.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. É desenvolvido pelo Projeto Tor e distribuído pela [Mullvad](vpn.md#mullvad), e **não** requer o uso da VPN da Mullvad.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt-BR/device-integrity.md b/i18n/pt-BR/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/pt-BR/device-integrity.md
+++ b/i18n/pt-BR/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt-BR/dns.md b/i18n/pt-BR/dns.md
index 89ceb2fc..2aa1b274 100644
--- a/i18n/pt-BR/dns.md
+++ b/i18n/pt-BR/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
DNS criptografado com servidores de terceiros só deve ser usado para contornar o [bloqueio básico de DNS](https://en.wikipedia.org/wiki/DNS_blocking) quando você pode ter certeza de que não haverá nenhuma consequência. DNS criptografado não ajudará você a esconder nenhuma de suas atividades de navegação.
[Saiba mais sobre DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/pt-BR/document-collaboration.md b/i18n/pt-BR/document-collaboration.md
index cbd4f73e..eea3db7f 100644
--- a/i18n/pt-BR/document-collaboration.md
+++ b/i18n/pt-BR/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/pt-BR/email-aliasing.md b/i18n/pt-BR/email-aliasing.md
index 2b447982..c2f4c549 100644
--- a/i18n/pt-BR/email-aliasing.md
+++ b/i18n/pt-BR/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/pt-BR/encryption.md b/i18n/pt-BR/encryption.md
index f251eef4..59df2ade 100644
--- a/i18n/pt-BR/encryption.md
+++ b/i18n/pt-BR/encryption.md
@@ -14,11 +14,15 @@ As opções listadas aqui suportam múltiplas plataformas e são ótimas para cr
### Cryptomator (Nuvem)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques Passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** é uma solução de criptografia projetada para salvar arquivos de forma privada em qualquer provedor de nuvem. Ele permite que você crie cofres armazenados em uma unidade virtual (virtual disk), cujo conteúdo é criptografado e sincronizado com seu provedor de armazenamento em nuvem.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. Ele permite que você crie cofres armazenados em uma unidade virtual (virtual disk), cujo conteúdo é criptografado e sincronizado com seu provedor de armazenamento em nuvem.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (Arquivo)
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques Direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques Direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Ataques Direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Ataques Direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Ataques Direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Ataques Passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/pt-BR/file-sharing.md b/i18n/pt-BR/file-sharing.md
index 63d4e9d2..1dbb8f74 100644
--- a/i18n/pt-BR/file-sharing.md
+++ b/i18n/pt-BR/file-sharing.md
@@ -5,6 +5,10 @@ description: Descubra como compartilhar seus arquivos de forma privada entre seu
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Descubra como compartilhar seus arquivos de forma privada entre seus dispositivos, com seus amigos e familiares ou de forma anônima on-line.
## Compartilhamento de Arquivos
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/pt-BR/language-tools.md b/i18n/pt-BR/language-tools.md
index 514c169d..77cc5c78 100644
--- a/i18n/pt-BR/language-tools.md
+++ b/i18n/pt-BR/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/pt-BR/mobile-browsers.md b/i18n/pt-BR/mobile-browsers.md
index 66a631c5..48437f53 100644
--- a/i18n/pt-BR/mobile-browsers.md
+++ b/i18n/pt-BR/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. Se você precisa navegar pela internet anonimamente, você deve usar o [Tor](tor.md).
## Android
diff --git a/i18n/pt-BR/mobile-phones.md b/i18n/pt-BR/mobile-phones.md
index 05d9bc84..c65b0814 100644
--- a/i18n/pt-BR/mobile-phones.md
+++ b/i18n/pt-BR/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/pt-BR/multi-factor-authentication.md b/i18n/pt-BR/multi-factor-authentication.md
index 2bdb915e..7f65838e 100644
--- a/i18n/pt-BR/multi-factor-authentication.md
+++ b/i18n/pt-BR/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques Direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/pt-BR/notebooks.md b/i18n/pt-BR/notebooks.md
index d73a8222..b286ec16 100644
--- a/i18n/pt-BR/notebooks.md
+++ b/i18n/pt-BR/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Mantenha o controle de suas anotações e registros de atividades sem entregá-los a terceiros.
Se você estiver usando atualmente um aplicativo como Evernote, Google Keep, ou Microsoft OneNote, sugerimos que escolha uma alternativa que suporte E2EE.
diff --git a/i18n/pt-BR/os/ios-overview.md b/i18n/pt-BR/os/ios-overview.md
index e18f9315..3548b59c 100644
--- a/i18n/pt-BR/os/ios-overview.md
+++ b/i18n/pt-BR/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/pt-BR/passwords.md b/i18n/pt-BR/passwords.md
index e7ef7c9c..7ce48a7b 100644
--- a/i18n/pt-BR/passwords.md
+++ b/i18n/pt-BR/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques Direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Ataques Passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introdução às Senhas :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/pt-BR/photo-management.md b/i18n/pt-BR/photo-management.md
index f2d420ac..1470005d 100644
--- a/i18n/pt-BR/photo-management.md
+++ b/i18n/pt-BR/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/pt-BR/real-time-communication.md b/i18n/pt-BR/real-time-communication.md
index c3f1f1ff..5d60d62c 100644
--- a/i18n/pt-BR/real-time-communication.md
+++ b/i18n/pt-BR/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques Passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt-BR/security-keys.md b/i18n/pt-BR/security-keys.md
index 380cb679..fc3dc9f8 100644
--- a/i18n/pt-BR/security-keys.md
+++ b/i18n/pt-BR/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/pt-BR/tools.md b/i18n/pt-BR/tools.md
index aeb3b1ab..8ddf1075 100644
--- a/i18n/pt-BR/tools.md
+++ b/i18n/pt-BR/tools.md
@@ -31,6 +31,15 @@ Para mais detalhes sobre cada projeto, porque foram escolhidos, e dicas ou truqu
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/pt-BR/tor.md b/i18n/pt-BR/tor.md
index 9566f0bf..0833a7ea 100644
--- a/i18n/pt-BR/tor.md
+++ b/i18n/pt-BR/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Os indivíduos e organizações também podem compartilhar informações através da rede Tor com "serviços ocultos .onion", sem comprometer sua privacidade. Como o tráfego do Tor é difícil de bloquear e rastrear, o Tor é uma ferramenta eficaz para contornar a censura.
[Detalhes do Tor :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-Existem várias maneiras de se conectar à rede Tor a partir do seu dispositivo, a mais usada é o **Navegador Tor**, um garfo do Firefox projetado para navegação anônima em computadores e em celulares Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Navegador Tor
diff --git a/i18n/pt-BR/vpn.md b/i18n/pt-BR/vpn.md
index 58b5b41f..a4a148d4 100644
--- a/i18n/pt-BR/vpn.md
+++ b/i18n/pt-BR/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/pt/alternative-networks.md b/i18n/pt/alternative-networks.md
index 0f02260e..31b1aad7 100644
--- a/i18n/pt/alternative-networks.md
+++ b/i18n/pt/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Os indivíduos e as organizações também podem partilhar informações através da rede Tor com os serviços ocultos ".onion", sem comprometer a sua privacidade. O facto do tráfego do Tor ser difícil de bloquear e rastrear, faz dele uma ferramenta eficaz para contornar a censura.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Os indivíduos e as organizações também podem partilhar informações através da rede Tor com os serviços ocultos ".onion", sem comprometer a sua privacidade. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/pt/android/distributions.md b/i18n/pt/android/distributions.md
index 34f1e3ee..e8cbc383 100644
--- a/i18n/pt/android/distributions.md
+++ b/i18n/pt/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/pt/android/general-apps.md b/i18n/pt/android/general-apps.md
index cdfdc9d4..74849c12 100644
--- a/i18n/pt/android/general-apps.md
+++ b/i18n/pt/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/pt/browser-extensions.md b/i18n/pt/browser-extensions.md
index ce1969d8..0220be03 100644
--- a/i18n/pt/browser-extensions.md
+++ b/i18n/pt/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt/calendar.md b/i18n/pt/calendar.md
index cfc11ab2..a3066c4c 100644
--- a/i18n/pt/calendar.md
+++ b/i18n/pt/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fornecedores de serviços](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/pt/cloud.md b/i18n/pt/cloud.md
index 0bfd4d20..af899d60 100644
--- a/i18n/pt/cloud.md
+++ b/i18n/pt/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fornecedores de serviços](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt/cryptocurrency.md b/i18n/pt/cryptocurrency.md
index 4e9d39ec..66dca4b2 100644
--- a/i18n/pt/cryptocurrency.md
+++ b/i18n/pt/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Vigilância em massa](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censura](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Faça transações com cuida
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/pt/desktop-browsers.md b/i18n/pt/desktop-browsers.md
index f1316c56..13ca97df 100644
--- a/i18n/pt/desktop-browsers.md
+++ b/i18n/pt/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo de vigilância](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. Recomendamos o [Mullvad Browser](#mullvad-browser) para quem pretenda fortes proteções de privacidade e ferramentas de bloqueio de impressão digital por defeito, o [Firefox](#firefox) para utilizadores casuais da internet que procurem uma boa alternativa ao Google Chrome e o [Brave](#brave) para quem necessite de compatibilidade com o Chromium.
Se precisar de navegar anonimamente na internet, deverá usar antes o [Tor](tor.md). Fazemos algumas recomendações de configuração nesta página, mas todos os browsers, com a exceção do Tor, são rastreáveis por *qualquer pessoa*, de uma maneira ou de outra.
@@ -65,9 +69,9 @@ Se precisar de navegar anonimamente na internet, deverá usar antes o [Tor](tor.
-{ align=right }
+{ align=right }
-O **Mullvad Browser ** é baseado no [Tor](tor.md#tor-browser), mas com as integrações da rede Tor removidas. O objetivo é beneficiar das suas tecnologias de bloqueio de impressão digital para quem utilize uma VPN. É desenvolvido pelo Projeto Tor e distribuído por [Mullvad](vpn.md#mullvad), e **não** requer a utilização da VPN do Mullvad.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. É desenvolvido pelo Projeto Tor e distribuído por [Mullvad](vpn.md#mullvad), e **não** requer a utilização da VPN do Mullvad.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt/device-integrity.md b/i18n/pt/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/pt/device-integrity.md
+++ b/i18n/pt/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt/dns.md b/i18n/pt/dns.md
index c585bebd..c2e6e3d2 100644
--- a/i18n/pt/dns.md
+++ b/i18n/pt/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo de vigilância](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Encrypted DNS with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. DNS criptografado não o ajudará a ocultar qualquer atividade de navegação.
[Learn more about DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/pt/document-collaboration.md b/i18n/pt/document-collaboration.md
index d1c8792b..e7696a96 100644
--- a/i18n/pt/document-collaboration.md
+++ b/i18n/pt/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/pt/email-aliasing.md b/i18n/pt/email-aliasing.md
index 550ff176..895da806 100644
--- a/i18n/pt/email-aliasing.md
+++ b/i18n/pt/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/pt/encryption.md b/i18n/pt/encryption.md
index cc352fa6..a96ca081 100644
--- a/i18n/pt/encryption.md
+++ b/i18n/pt/encryption.md
@@ -14,12 +14,15 @@ As opções listadas aqui são multi-plataforma e excelentes para criar backups
### VeraCrypt
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
-{ align=right }
-{ align=right }
+{ align=right }
-**VeraCrypt** é um utilitário freeware disponível na fonte, utilizado para encriptação on-the-fly. Ele pode criar um disco virtual encriptado dentro de um ficheiro, encriptar uma partição ou encriptar todo o dispositivo de armazenamento com autenticação pré-boot.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. Ele pode criar um disco virtual encriptado dentro de um ficheiro, encriptar uma partição ou encriptar todo o dispositivo de armazenamento com autenticação pré-boot.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -50,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Criptomador
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -83,6 +90,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -113,6 +124,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## Sistema operacional incluído Criptografia de disco completo (FDE)
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -237,6 +252,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Linha de comando
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -283,6 +302,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Ataques passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fornecedores de serviços](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. Dica "Use padrões futuros ao gerar uma chave". For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/pt/file-sharing.md b/i18n/pt/file-sharing.md
index 96bb5819..9173a91c 100644
--- a/i18n/pt/file-sharing.md
+++ b/i18n/pt/file-sharing.md
@@ -5,6 +5,10 @@ description: Descubra como partilhar os seus ficheiros em privado entre os seus
cover: file-sharing.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Fornecedores de serviços](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Descubra como partilhar os seus ficheiros em privado entre os seus dispositivos, com os seus amigos e família, ou anonimamente online.
## Gestores de senhas
@@ -37,9 +41,9 @@ ffsend upload --host https://send.vis.ee/ FILE
-{ align=right }
+{ align=right }
-**OnionShare** é uma ferramenta de código aberto que lhe permite partilhar segura e anonimamente um ficheiro de qualquer tamanho. Funciona iniciando um servidor web acessível como um serviço Tor onion, com um URL indetetável que pode ser partilhado com os destinatários para descarregar ou enviar ficheiros.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Funciona iniciando um servidor web acessível como um serviço Tor onion, com um URL indetetável que pode ser partilhado com os destinatários para descarregar ou enviar ficheiros.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Critérios
**Por favor note que não somos afiliados a nenhum dos projetos que recomendamos.** Para além dos [nossos critérios padrões](about/criteria.md), nós desenvolvemos um conjunto claro de requisitos que nos permitem fornecer recomendações objetivas. Sugerimos que se familiarize com esta lista antes de optar por utilizar um projeto e que faça a sua própria investigação para garantir que é a escolha certa para si.
diff --git a/i18n/pt/language-tools.md b/i18n/pt/language-tools.md
index 7183ee21..af69b9b3 100644
--- a/i18n/pt/language-tools.md
+++ b/i18n/pt/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/pt/mobile-browsers.md b/i18n/pt/mobile-browsers.md
index 9b2ad615..bc7fddb1 100644
--- a/i18n/pt/mobile-browsers.md
+++ b/i18n/pt/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo de vigilância](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. Se precisar de navegar anonimamente na Internet, deve utilizar o [Tor](tor.md).
## Android
diff --git a/i18n/pt/mobile-phones.md b/i18n/pt/mobile-phones.md
index 11067912..cf1e3b59 100644
--- a/i18n/pt/mobile-phones.md
+++ b/i18n/pt/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/pt/multi-factor-authentication.md b/i18n/pt/multi-factor-authentication.md
index c06ae00b..f293780b 100644
--- a/i18n/pt/multi-factor-authentication.md
+++ b/i18n/pt/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/pt/notebooks.md b/i18n/pt/notebooks.md
index 12f30934..4954ade4 100644
--- a/i18n/pt/notebooks.md
+++ b/i18n/pt/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Fornecedores de serviços](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Mantenha um registo das suas notas e diários sem os entregar a terceiros.
Se estiver a utilizar atualmente uma aplicação como o Evernote, o Google Keep ou o Microsoft OneNote, sugerimos que escolha uma alternativa que suporte E2EE.
diff --git a/i18n/pt/os/ios-overview.md b/i18n/pt/os/ios-overview.md
index 19256782..eeda590d 100644
--- a/i18n/pt/os/ios-overview.md
+++ b/i18n/pt/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/pt/passwords.md b/i18n/pt/passwords.md
index 3fd011a4..7a1c850a 100644
--- a/i18n/pt/passwords.md
+++ b/i18n/pt/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Ataques direcionados](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Ataques passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fornecedores de serviços](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introdução às palavras-passe :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/pt/photo-management.md b/i18n/pt/photo-management.md
index 9162365a..f7f7c051 100644
--- a/i18n/pt/photo-management.md
+++ b/i18n/pt/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/pt/real-time-communication.md b/i18n/pt/real-time-communication.md
index 5c49e436..7c4751f9 100644
--- a/i18n/pt/real-time-communication.md
+++ b/i18n/pt/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Ataques passivos](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Fornecedores de serviços](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Vigilância em massa](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Capitalismo de vigilância](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Tipos de redes de comunicação :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -65,9 +72,9 @@ Temos algumas dicas adicionais sobre como configurar e fortalecer a sua instala
-{ align=right }
+{ align=right }
-O **SimpleX** Chat é uma aplicação descentralizada de mensagens instantâneas e não depende de quaisquer identificadores únicos, tais como números de telefone ou nomes de utilizador. Os utilizadores do SimpleX Chat podem fazer scan a um código QR ou clicar numa ligação de convite para participar em conversas de grupo.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Os utilizadores do SimpleX Chat podem fazer scan a um código QR ou clicar numa ligação de convite para participar em conversas de grupo.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. O Briar pode ligar-se através de Wi-Fi ou Bluetooth. O modo de rede local do Briar pode ser útil, quando não estiver garantida a disponibilidade da Internet.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. O Briar pode ligar-se através de Wi-Fi ou Bluetooth. O modo de rede local do Briar pode ser útil, quando não estiver garantida a disponibilidade da Internet.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/pt/security-keys.md b/i18n/pt/security-keys.md
index 8f4f8644..9ca25c18 100644
--- a/i18n/pt/security-keys.md
+++ b/i18n/pt/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/pt/tools.md b/i18n/pt/tools.md
index bd5226be..3e9a5057 100644
--- a/i18n/pt/tools.md
+++ b/i18n/pt/tools.md
@@ -31,6 +31,15 @@ Para obter mais detalhes sobre cada projeto, o motivo pelo qual foi escolhido e
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/pt/tor.md b/i18n/pt/tor.md
index bdb95431..d35a73ba 100644
--- a/i18n/pt/tor.md
+++ b/i18n/pt/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo de vigilância](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Vigilância em massa](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censura](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Os indivíduos e as organizações também podem partilhar informações através da rede Tor com os serviços ocultos ".onion", sem comprometer a sua privacidade. O facto do tráfego do Tor ser difícil de bloquear e rastrear, faz dele uma ferramenta eficaz para contornar a censura.
[Visão detalhada do Tor :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-Existem várias formas de se ligar à rede Tor a partir do seu dispositivo, sendo a mais utilizada o **Navegador Tor**, um fork do Firefox concebido para navegação anónima em computadores desktop e em dispositivos Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Navegador Tor
diff --git a/i18n/pt/vpn.md b/i18n/pt/vpn.md
index ae5571e4..eb051038 100644
--- a/i18n/pt/vpn.md
+++ b/i18n/pt/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Capitalismo de vigilância](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/ru/alternative-networks.md b/i18n/ru/alternative-networks.md
index f3b37575..31472787 100644
--- a/i18n/ru/alternative-networks.md
+++ b/i18n/ru/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Частные лица и организации также могут делиться информацией через сеть Tor с помощью "скрытых сервисов .onion" без ущерба для своей конфиденциальности. Поскольку трафик Tor сложно заблокировать и отследить, Tor является эффективным инструментом обхода цензуры.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Частные лица и организации также могут делиться информацией через сеть Tor с помощью "скрытых сервисов .onion" без ущерба для своей конфиденциальности. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/ru/android/distributions.md b/i18n/ru/android/distributions.md
index 6a5dbb8b..8c47fea4 100644
--- a/i18n/ru/android/distributions.md
+++ b/i18n/ru/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/ru/android/general-apps.md b/i18n/ru/android/general-apps.md
index c374cad7..7a460978 100644
--- a/i18n/ru/android/general-apps.md
+++ b/i18n/ru/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/ru/browser-extensions.md b/i18n/ru/browser-extensions.md
index e4697531..be5c97ed 100644
--- a/i18n/ru/browser-extensions.md
+++ b/i18n/ru/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ru/calendar.md b/i18n/ru/calendar.md
index 8485aa2c..2b0126e2 100644
--- a/i18n/ru/calendar.md
+++ b/i18n/ru/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Пассивные атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Поставщики услуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/ru/cloud.md b/i18n/ru/cloud.md
index 81a4357d..f156f684 100644
--- a/i18n/ru/cloud.md
+++ b/i18n/ru/cloud.md
@@ -6,6 +6,11 @@ description: Многие облачные хранилища требуют о
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Пассивные атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Поставщики услуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. Альтернативы, перечисленные ниже, устраняют необходимость в доверии путем внедрения безопасного E2EE.
Если эти альтернативы не соответствуют вашим потребностям, мы предлагаем вам рассмотреть возможность использования программного обеспечения для шифрования, например, [Cryptomator](encryption.md#cryptomator-cloud) с другими облачными хранилищами. Использование Cryptomator в сочетании с **любым** облачным хранилищем (включая эти) может быть хорошей идеей для снижения риска ошибок шифрования в собственных клиентах провайдера.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/ru/cryptocurrency.md b/i18n/ru/cryptocurrency.md
index 74ec7ad8..4854bf4e 100644
--- a/i18n/ru/cryptocurrency.md
+++ b/i18n/ru/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Массовое наблюдение](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Цензура](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Платежи в интернете - одна из самых серьезных проблем, связанных с конфиденциальностью. Эти криптовалюты по умолчанию обеспечивают конфиденциальность транзакций (что **не** гарантируется большинством криптовалют), при условии, что вы хорошо понимаете, как эффективно осуществлять приватные платежи. Мы настоятельно рекомендуем вам сначала прочитать нашу обзорную статью о платежах, прежде чем совершать какие-либо покупки:
[Совершение приватных платежей :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -20,9 +25,9 @@ cover: cryptocurrency.webp
-{ align=right }
+{ align=right }
-**Monero** использует блокчейн с технологиями повышения конфиденциальности, которые затрудняют отслеживание транзакций для достижения анонимности. Каждая транзакция в Monero скрывает сумму транзакции, адреса отправителя и получателя и источник средств, не требуя при этом дополнительных действий, что делает её идеальным выбором для новичков в области криптовалют.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Каждая транзакция в Monero скрывает сумму транзакции, адреса отправителя и получателя и источник средств, не требуя при этом дополнительных действий, что делает её идеальным выбором для новичков в области криптовалют.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/ru/desktop-browsers.md b/i18n/ru/desktop-browsers.md
index a6c3c2ee..ec0a353f 100644
--- a/i18n/ru/desktop-browsers.md
+++ b/i18n/ru/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Капитализм слежки](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. Мы рекомендуем [Mullvad Browser](#mullvad-browser), если тебе важна надежная защита конфиденциальности и защита от цифровых отпечатков из коробки, [Firefox](#firefox) для людей, ищущих альтернативу Google Chrome, и [Brave](#brave), если тебе нужна совместимость с браузером Chromium.
Если тебе нужна анонимность в сети, то используй [Tor](tor.md). На этой странице мы даем некоторые рекомендации по настройке браузеров, но все браузеры, кроме Tor Browser, могут быть отслежены *кем-то* тем или иным способом.
@@ -65,9 +69,9 @@ These are our currently recommended **desktop web browsers** and configurations
-{ align=right }
+{ align=right }
-**Mullvad Browser** - это версия [Tor Browser](tor.md#tor-browser) с удаленными интеграциями сети Tor, предназначенная для предоставления пользователям VPN браузерных технологий Tor Browser по борьбе с цифровыми отпечатками. Он разработан проектом Tor и распространяется [Mullvad](vpn.md#mullvad), и **не** требует использования VPN Mullvad.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. Он разработан проектом Tor и распространяется [Mullvad](vpn.md#mullvad), и **не** требует использования VPN Mullvad.
[:octicons-home-16: Домашняя страница](https://mullvad.net/ru/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/ru/help/privacy-policy){ .card-link title="Политика конфиденциальности" }
diff --git a/i18n/ru/device-integrity.md b/i18n/ru/device-integrity.md
index 9cbbd9ba..a69f648b 100644
--- a/i18n/ru/device-integrity.md
+++ b/i18n/ru/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ru/dns.md b/i18n/ru/dns.md
index c80d74c0..bbc64bb0 100644
--- a/i18n/ru/dns.md
+++ b/i18n/ru/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Капитализм слежки](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Зашифрованный DNS со сторонними серверами следует использовать только для обхода базовой [блокировки DNS](https://en.wikipedia.org/wiki/DNS_blocking), если вы уверены, что это не повлечет за собой никаких последствий. Зашифрованный DNS не поможет вам скрыть какую-либо активность в интернете.
[Узнайте больше о DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/ru/document-collaboration.md b/i18n/ru/document-collaboration.md
index f21ac38e..31ed66a2 100644
--- a/i18n/ru/document-collaboration.md
+++ b/i18n/ru/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/ru/email-aliasing.md b/i18n/ru/email-aliasing.md
index 7e0ab702..a669b89f 100644
--- a/i18n/ru/email-aliasing.md
+++ b/i18n/ru/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/ru/encryption.md b/i18n/ru/encryption.md
index 3c513bf8..6e5af534 100644
--- a/i18n/ru/encryption.md
+++ b/i18n/ru/encryption.md
@@ -14,11 +14,15 @@ cover: encryption.webp
### Cryptomator (Облако)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Пассивные атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
-{ align=right }
+{ align=right }
-**Cryptomator** - это программа для шифрования, разработанная для приватного хранения файлов в любом облачном хранилище. Программа может создавать хранилища в виртуальном диске, содержимое которых зашифровано и синхронизировано с твоим облачным хранилищем.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. Программа может создавать хранилища в виртуальном диске, содержимое которых зашифровано и синхронизировано с твоим облачным хранилищем.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (Файлы)
+
Protects against the following threat(s):
+
+- [:material-target-account: Целевые атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Диск)
+
Protects against the following threat(s):
+
+- [:material-target-account: Целевые атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ VeraCrypt - это форк, прекратившего свое существ
## Шифрование всего диска
+
Protects against the following threat(s):
+
+- [:material-target-account: Целевые атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Для командной строки
+
Protects against the following threat(s):
+
+- [:material-target-account: Целевые атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Инструменты с интерфейсом командной строки полезны для интеграции [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## OpenPGP
+
Protects against the following threat(s):
+
+- [:material-target-account: Целевые атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Пассивные атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Поставщики услуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP иногда необходим для решения специфических задач, таких как цифровая подпись и шифрование электронной почты. PGP имеет множество функций и является [комплексным](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html), поскольку существует уже долгое время. Для таких задач, как подписание или шифрование файлов, мы предлагаем использовать вышеуказанные варианты.
При шифровании с помощью PGP у вас есть возможность настроить различные параметры в файле `gpg.conf`. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/ru/file-sharing.md b/i18n/ru/file-sharing.md
index 5cafec2d..05fd79e3 100644
--- a/i18n/ru/file-sharing.md
+++ b/i18n/ru/file-sharing.md
@@ -5,6 +5,10 @@ description: Узнайте, как конфиденциально обмени
cover: file-sharing.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Поставщики услуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Узнайте, как конфиденциально обмениваться файлами между устройствами, с друзьями и родственниками или анонимно в Интернете.
## Обмен файлами
@@ -37,9 +41,9 @@ ffsend upload --host https://send.vis.ee/ FILE
-{ align=right }
+{ align=right }
-**OnionShare** - это инструмент с открытым исходным кодом, позволяющий безопасно и анонимно передавать файлы любого размера. Он работает путем запуска веб-сервера, доступного как onion сервис в сети Tor, с неугадываемым URL, который вы можете передать получателям для загрузки или отправки файлов.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Он работает путем запуска веб-сервера, доступного как onion сервис в сети Tor, с неугадываемым URL, который вы можете передать получателям для загрузки или отправки файлов.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Критерии
**Обратите внимание, что у нас нет связей ни с одним из проектов, которые мы рекомендуем.** В дополнение к [нашим стандартным критериям](about/criteria.md)мы разработали четкий набор требований, позволяющий нам давать объективные рекомендации. Мы рекомендуем вам ознакомиться с этим списком, прежде чем выбрать программу, и провести самостоятельное исследование, чтобы убедиться, что это правильный выбор для вас.
diff --git a/i18n/ru/language-tools.md b/i18n/ru/language-tools.md
index 3b5021ff..0806623e 100644
--- a/i18n/ru/language-tools.md
+++ b/i18n/ru/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/ru/mobile-browsers.md b/i18n/ru/mobile-browsers.md
index cd515912..0ea9e75f 100644
--- a/i18n/ru/mobile-browsers.md
+++ b/i18n/ru/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Капитализм слежки](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. Если вам нужна анонимность в сети, используйте [Tor](tor.md).
## Android
diff --git a/i18n/ru/mobile-phones.md b/i18n/ru/mobile-phones.md
index 1b604dbd..1555c0b5 100644
--- a/i18n/ru/mobile-phones.md
+++ b/i18n/ru/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/ru/multi-factor-authentication.md b/i18n/ru/multi-factor-authentication.md
index 01c529e3..e29ff3b8 100644
--- a/i18n/ru/multi-factor-authentication.md
+++ b/i18n/ru/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Целевые атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/ru/notebooks.md b/i18n/ru/notebooks.md
index d7eaf1f9..5241ec67 100644
--- a/i18n/ru/notebooks.md
+++ b/i18n/ru/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Поставщики услуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Сохраняйте свои заметки и дневники, не передавая их третьим лицам.
Если вы в настоящее время используете такие приложения, как Evernote, Google Keep или Microsoft OneNote, то мы предлагаем вам выбрать альтернативу с поддержкой E2EE.
diff --git a/i18n/ru/os/ios-overview.md b/i18n/ru/os/ios-overview.md
index 96f86a11..f11b4539 100644
--- a/i18n/ru/os/ios-overview.md
+++ b/i18n/ru/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/ru/passwords.md b/i18n/ru/passwords.md
index 7deeaaea..5e1f8b27 100644
--- a/i18n/ru/passwords.md
+++ b/i18n/ru/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Целевые атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Пассивные атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Поставщики услуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Введение в безопасные пароли :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/ru/photo-management.md b/i18n/ru/photo-management.md
index 03f0895f..ff37b6d8 100644
--- a/i18n/ru/photo-management.md
+++ b/i18n/ru/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/ru/real-time-communication.md b/i18n/ru/real-time-communication.md
index 9a6b101e..e4735978 100644
--- a/i18n/ru/real-time-communication.md
+++ b/i18n/ru/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Пассивные атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Поставщики услуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Массовое наблюдение](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Капитализм слежки](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Типы коммуникационных сетей :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -65,9 +72,9 @@ Contact lists on Signal are encrypted using your Signal PIN and the server does
-{ align=right }
+{ align=right }
-**SimpleX** Chat - это децентрализованный мессенджер, который не зависит от каких-либо уникальных идентификаторов, таких как номера телефонов или имена пользователей. Пользователи SimpleX Chat могут сканировать QR-код или открыть ссылку-приглашение для участия в групповых беседах.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Пользователи SimpleX Chat могут сканировать QR-код или открыть ссылку-приглашение для участия в групповых беседах.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar также может передавать сообщения через Wi-Fi или Bluetooth, если получатель находится в непосредственной близости. Режим локальной сети Briar может быть полезен, когда Вы не имеете доступа к Интернету.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar также может передавать сообщения через Wi-Fi или Bluetooth, если получатель находится в непосредственной близости. Режим локальной сети Briar может быть полезен, когда Вы не имеете доступа к Интернету.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/ru/security-keys.md b/i18n/ru/security-keys.md
index d1ce0e41..4486c739 100644
--- a/i18n/ru/security-keys.md
+++ b/i18n/ru/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/ru/tools.md b/i18n/ru/tools.md
index 3afad654..ca3e4237 100644
--- a/i18n/ru/tools.md
+++ b/i18n/ru/tools.md
@@ -31,6 +31,15 @@ If you want assistance figuring out the best privacy tools and alternative progr
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/ru/tor.md b/i18n/ru/tor.md
index 39264a09..77d5f985 100644
--- a/i18n/ru/tor.md
+++ b/i18n/ru/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Капитализм слежки](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Массовое наблюдение](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Цензура](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Частные лица и организации также могут делиться информацией через сеть Tor с помощью "скрытых сервисов .onion" без ущерба для своей конфиденциальности. Поскольку трафик Tor сложно заблокировать и отследить, Tor является эффективным инструментом обхода цензуры.
[Подробный обзор Tor :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-Существует множество способов подключения к сети Tor с твоего устройства, наиболее распространенным из которых является **Tor Browser**, форк Firefox, предназначенный для анонимного просмотра веб-страниц на настольных компьютерах и Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/ru/vpn.md b/i18n/ru/vpn.md
index 310705cf..acc5dcd6 100644
--- a/i18n/ru/vpn.md
+++ b/i18n/ru/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Капитализм слежки](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/sv/alternative-networks.md b/i18n/sv/alternative-networks.md
index 79017cee..4c8a6e25 100644
--- a/i18n/sv/alternative-networks.md
+++ b/i18n/sv/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/sv/android/distributions.md b/i18n/sv/android/distributions.md
index c7b2e42b..8a4ee51a 100644
--- a/i18n/sv/android/distributions.md
+++ b/i18n/sv/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/sv/android/general-apps.md b/i18n/sv/android/general-apps.md
index ccd92d26..f16988d1 100644
--- a/i18n/sv/android/general-apps.md
+++ b/i18n/sv/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/sv/browser-extensions.md b/i18n/sv/browser-extensions.md
index 7fb3306d..8ef4d256 100644
--- a/i18n/sv/browser-extensions.md
+++ b/i18n/sv/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/sv/calendar.md b/i18n/sv/calendar.md
index ce4ef109..7a6047bb 100644
--- a/i18n/sv/calendar.md
+++ b/i18n/sv/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passiva attacker](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Tjänsteleverantörer](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/sv/cloud.md b/i18n/sv/cloud.md
index ba33bab4..faf8c9e5 100644
--- a/i18n/sv/cloud.md
+++ b/i18n/sv/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passiva attacker](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Tjänsteleverantörer](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/sv/cryptocurrency.md b/i18n/sv/cryptocurrency.md
index f7005069..731c42bf 100644
--- a/i18n/sv/cryptocurrency.md
+++ b/i18n/sv/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Massövervakning](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censur](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/sv/desktop-browsers.md b/i18n/sv/desktop-browsers.md
index a49e099c..af40f517 100644
--- a/i18n/sv/desktop-browsers.md
+++ b/i18n/sv/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Övervakningskapitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. We recommend [Mullvad Browser](#mullvad-browser) if you are focused on strong privacy protections and anti-fingerprinting out of the box, [Firefox](#firefox) for casual internet browsers looking for a good alternative to Google Chrome, and [Brave](#brave) if you need Chromium browser compatibility.
Om du vill surfa anonymt på internet bör du använda [Tor](tor.md) i stället. We make some configuration recommendations on this page, but all browsers other than Tor Browser will be traceable by *somebody* in some manner or another.
@@ -67,7 +71,7 @@ Om du vill surfa anonymt på internet bör du använda [Tor](tor.md) i stället.
{ align=right }
-**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed, aimed at providing Tor Browser's anti-fingerprinting browser technologies to VPN users. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/sv/device-integrity.md b/i18n/sv/device-integrity.md
index 56000fca..44ac8891 100644
--- a/i18n/sv/device-integrity.md
+++ b/i18n/sv/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/sv/dns.md b/i18n/sv/dns.md
index 13165daf..dd93ba1c 100644
--- a/i18n/sv/dns.md
+++ b/i18n/sv/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Övervakningskapitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Encrypted DNS with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. Encrypted DNS will not help you hide any of your browsing activity.
[Learn more about DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/sv/document-collaboration.md b/i18n/sv/document-collaboration.md
index 6dc215eb..7ed5d961 100644
--- a/i18n/sv/document-collaboration.md
+++ b/i18n/sv/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/sv/email-aliasing.md b/i18n/sv/email-aliasing.md
index 9dc6a808..3be3792c 100644
--- a/i18n/sv/email-aliasing.md
+++ b/i18n/sv/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/sv/encryption.md b/i18n/sv/encryption.md
index 5cdb0edd..4b95d61d 100644
--- a/i18n/sv/encryption.md
+++ b/i18n/sv/encryption.md
@@ -14,11 +14,15 @@ De alternativ som anges här är flera plattformar och bra för att skapa krypte
### Cryptomator (moln)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passiva attacker](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
-{ align=right }
+{ align=right }
-**Cryptomator** är en krypteringslösning som är utformad för privat lagring av filer till alla molnleverantörer. Det låter dig skapa valv som lagras på en virtuell enhet, vars innehåll krypteras och synkroniseras med din molnlagringsleverantör.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. Det låter dig skapa valv som lagras på en virtuell enhet, vars innehåll krypteras och synkroniseras med din molnlagringsleverantör.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (Fil)
+
Protects against the following threat(s):
+
+- [:material-target-account: Riktade attacker](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Riktade attacker](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt har granskats [ett antal gånger](https://en.wikipedia.org/wiki/TrueCr
## Fullständig diskkryptering
+
Protects against the following threat(s):
+
+- [:material-target-account: Riktade attacker](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Kommandorad
+
Protects against the following threat(s):
+
+- [:material-target-account: Riktade attacker](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Verktyg med kommandoradsgränssnitt är användbara för att integrera [skalskript](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Verktyg med kommandoradsgränssnitt är användbara för att integrera [skalskri
## OpenPGP
+
Protects against the following threat(s):
+
+- [:material-target-account: Riktade attacker](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passiva attacker](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Tjänsteleverantörer](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP behövs ibland för specifika uppgifter som digital signering och kryptering av e-post. PGP har många funktioner och är [komplext](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) eftersom det har funnits länge. För uppgifter som signering eller kryptering av filer föreslår vi ovanstående alternativ.
Vid kryptering med PGP har du möjlighet att konfigurera olika alternativ i din `gpg.conf` -fil. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/sv/file-sharing.md b/i18n/sv/file-sharing.md
index ffc4def4..58830628 100644
--- a/i18n/sv/file-sharing.md
+++ b/i18n/sv/file-sharing.md
@@ -5,6 +5,10 @@ description: Upptäck hur du kan dela dina filer privat mellan dina enheter, med
cover: file-sharing.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Tjänsteleverantörer](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Upptäck hur du kan dela dina filer privat mellan dina enheter, med vänner och familj eller anonymt på nätet.
## Fildelningsprogram
@@ -37,9 +41,9 @@ ffsend upload --host https://send.vis.ee/ FILE
-{ align=right }
+{ align=right }
-**OnionShare** är ett verktyg med öppen källkod som låter dig dela en fil av valfri storlek på ett säkert och anonymt sätt. Det fungerar genom att starta en webbserver som är tillgänglig som en Tor onion-tjänst, med en oigenkännlig URL som du kan dela med mottagarna för att ladda ner eller skicka filer.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Det fungerar genom att starta en webbserver som är tillgänglig som en Tor onion-tjänst, med en oigenkännlig URL som du kan dela med mottagarna för att ladda ner eller skicka filer.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Kriterier
**Observera att vi inte är knutna till något av de projekt som vi rekommenderar.** Förutom [våra standardkriterier](about/criteria.md)har vi utvecklat en tydlig uppsättning krav som gör det möjligt för oss att ge objektiva rekommendationer. Vi föreslår att du bekantar dig med den här listan innan du väljer att använda ett projekt, och att du gör din egen forskning för att se till att det är rätt val för dig.
diff --git a/i18n/sv/language-tools.md b/i18n/sv/language-tools.md
index 02dfa82d..80054c22 100644
--- a/i18n/sv/language-tools.md
+++ b/i18n/sv/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/sv/mobile-browsers.md b/i18n/sv/mobile-browsers.md
index 0fa74de6..f00d7cdd 100644
--- a/i18n/sv/mobile-browsers.md
+++ b/i18n/sv/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Övervakningskapitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. Om du vill surfa anonymt på internet bör du använda [Tor](tor.md) i stället.
## Android
diff --git a/i18n/sv/mobile-phones.md b/i18n/sv/mobile-phones.md
index 55f16a7c..374e51a7 100644
--- a/i18n/sv/mobile-phones.md
+++ b/i18n/sv/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/sv/multi-factor-authentication.md b/i18n/sv/multi-factor-authentication.md
index 3555e17e..b484e2ae 100644
--- a/i18n/sv/multi-factor-authentication.md
+++ b/i18n/sv/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Riktade attacker](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/sv/notebooks.md b/i18n/sv/notebooks.md
index cde1be00..a93aded1 100644
--- a/i18n/sv/notebooks.md
+++ b/i18n/sv/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Tjänsteleverantörer](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Håll koll på dina anteckningar och dagboksanteckningar utan att ge dem till tredje part.
Om du för närvarande använder ett program som Evernote, Google Keep eller Microsoft OneNote föreslår vi att du väljer ett alternativ som stöder E2EE.
diff --git a/i18n/sv/os/ios-overview.md b/i18n/sv/os/ios-overview.md
index 492d04cb..c3b3c292 100644
--- a/i18n/sv/os/ios-overview.md
+++ b/i18n/sv/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/sv/passwords.md b/i18n/sv/passwords.md
index 6969d4cf..68904626 100644
--- a/i18n/sv/passwords.md
+++ b/i18n/sv/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Riktade attacker](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passiva attacker](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Tjänsteleverantörer](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduktion till lösenord :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/sv/photo-management.md b/i18n/sv/photo-management.md
index a1551341..aad118d6 100644
--- a/i18n/sv/photo-management.md
+++ b/i18n/sv/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/sv/real-time-communication.md b/i18n/sv/real-time-communication.md
index f780be6f..96103a14 100644
--- a/i18n/sv/real-time-communication.md
+++ b/i18n/sv/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passiva attacker](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Tjänsteleverantörer](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Massövervakning](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Övervakningskapitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/sv/security-keys.md b/i18n/sv/security-keys.md
index 33fe5a5c..90a39b1f 100644
--- a/i18n/sv/security-keys.md
+++ b/i18n/sv/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/sv/tools.md b/i18n/sv/tools.md
index af93524a..01eda4f7 100644
--- a/i18n/sv/tools.md
+++ b/i18n/sv/tools.md
@@ -31,6 +31,15 @@ Om du vill ha mer information om varje projekt, varför de valdes ut och ytterli
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/sv/tor.md b/i18n/sv/tor.md
index 0f82d89f..797473f0 100644
--- a/i18n/sv/tor.md
+++ b/i18n/sv/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Övervakningskapitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Massövervakning](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censur](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
[Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/sv/vpn.md b/i18n/sv/vpn.md
index 18cd69f9..de8fc4d8 100644
--- a/i18n/sv/vpn.md
+++ b/i18n/sv/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Övervakningskapitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/tr/alternative-networks.md b/i18n/tr/alternative-networks.md
index 79017cee..4c8a6e25 100644
--- a/i18n/tr/alternative-networks.md
+++ b/i18n/tr/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/tr/android/distributions.md b/i18n/tr/android/distributions.md
index 339587be..c3c27e85 100644
--- a/i18n/tr/android/distributions.md
+++ b/i18n/tr/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/tr/android/general-apps.md b/i18n/tr/android/general-apps.md
index d13deac9..e3221737 100644
--- a/i18n/tr/android/general-apps.md
+++ b/i18n/tr/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/tr/browser-extensions.md b/i18n/tr/browser-extensions.md
index d5644115..f0a2bf5b 100644
--- a/i18n/tr/browser-extensions.md
+++ b/i18n/tr/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/tr/calendar.md b/i18n/tr/calendar.md
index edcd57b4..e44bf1ee 100644
--- a/i18n/tr/calendar.md
+++ b/i18n/tr/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/tr/cloud.md b/i18n/tr/cloud.md
index ebf8ccc7..9a94a270 100644
--- a/i18n/tr/cloud.md
+++ b/i18n/tr/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. Aşağıda listelenen alternatifler güvenli uçtan uca şifreleme uygulayarak güven ihtiyacını ortadan kaldırır.
Bu alternatifler ihtiyaçlarınızı karşılamıyorsa, başka bir bulut sağlayıcısıyla birlikte [Cryptomator](encryption.md#cryptomator-cloud) gibi bir şifreleme yazılımı kullanmanızı öneririz. Cryptomator'ı **herhangi bir ** bulut sağlayıcısıyla kullanmak (listenenenler dahil) sağlayıcının yerel istemcilerindeki şifreleme kusurlarını azaltmak için iyi bir fikir olabilir.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/tr/cryptocurrency.md b/i18n/tr/cryptocurrency.md
index 2fd5ccf5..348e2546 100644
--- a/i18n/tr/cryptocurrency.md
+++ b/i18n/tr/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/tr/desktop-browsers.md b/i18n/tr/desktop-browsers.md
index 5607571a..6d4b6114 100644
--- a/i18n/tr/desktop-browsers.md
+++ b/i18n/tr/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. Eğer varsayılan olarak güçlü mahremiyet koruması ve parmak izi önleme istiyorsanız [Mullvad Browser'ı](#mullvad-browser), Google Chrome için iyi bir alternatif arayan normal kullanıcılar için [Firefox'u](#firefox) ve eğer Chromium uyumlu bir tarayıcıya ihtiyacınız varsa [Brave'i](#brave) öneririz.
İnternette anonim olarak gezinmeniz gerekiyorsa, bunlar yerine [Tor](tor.md) kullanmalısınız. Bu sayfada bazı yapılandırma önerilerinde bulunmaktayız fakat Tor Browser hariç tüm tarayıcılar *birisi* tarafından herhangi bir şekilde takip edilebilirdir.
@@ -65,9 +69,9 @@ These are our currently recommended **desktop web browsers** and configurations
-{ align=right }
+{ align=right }
-**Mullvad Browser**, [Tor Browser]'ın (tor.md#tor-browser) Tor ağ entegrasyonları kaldırılmış bir sürümüdür ve Tor Browser'ın parmak izi önleme tarayıcı teknolojilerini VPN kullanıcılarına sunmayı amaçlamaktadır. Tor Projesi tarafından geliştirilir ve [Mullvad] (vpn.md#mullvad) tarafından dağıtılır, ayrıca **Mullvad'ın VPN'inin kullanılmasını gerektirmez.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. Tor Projesi tarafından geliştirilir ve [Mullvad] (vpn.md#mullvad) tarafından dağıtılır, ayrıca **Mullvad'ın VPN'inin kullanılmasını gerektirmez.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/tr/device-integrity.md b/i18n/tr/device-integrity.md
index 706830d8..ecaf8bdc 100644
--- a/i18n/tr/device-integrity.md
+++ b/i18n/tr/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
Harici doğrulama araçları bilgisayarınızda çalışır ve mobil cihazınızı adli izler için tarar, bu da potansiyel tehlikeyi tespit etmeye yardımcı olur.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Anasayfa](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Gizlilik Politikası" }
diff --git a/i18n/tr/dns.md b/i18n/tr/dns.md
index 4f6fb8eb..a07cf5e6 100644
--- a/i18n/tr/dns.md
+++ b/i18n/tr/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Üçüncü taraf sunucularla şifrelenmiş DNS, yalnızca herhangi bir sonucu olmayacağından emin olduğunuzda temel [DNS Engellemesini](https://en.wikipedia.org/wiki/DNS_blocking) aşmak için kullanılmalıdır. Şifrelenmiş DNS internet faaliyetlerinizi gizlemenize yardımcı olmaz.
[DNS hakkında daha fazla bilgi edinin :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/tr/document-collaboration.md b/i18n/tr/document-collaboration.md
index 4f7ed135..9bf30ec2 100644
--- a/i18n/tr/document-collaboration.md
+++ b/i18n/tr/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/tr/email-aliasing.md b/i18n/tr/email-aliasing.md
index 2b447982..c2f4c549 100644
--- a/i18n/tr/email-aliasing.md
+++ b/i18n/tr/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/tr/encryption.md b/i18n/tr/encryption.md
index da9ff73b..4e15e295 100644
--- a/i18n/tr/encryption.md
+++ b/i18n/tr/encryption.md
@@ -14,11 +14,15 @@ The options listed here are multi-platform and great for creating encrypted back
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/tr/file-sharing.md b/i18n/tr/file-sharing.md
index 0e4d95ff..70618485 100644
--- a/i18n/tr/file-sharing.md
+++ b/i18n/tr/file-sharing.md
@@ -5,6 +5,10 @@ description: Discover how to privately share your files between your devices, wi
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
## Dosya Paylaşımı
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** herhangi bir boyuttaki dosyayı gizli ve güvenli bir şekilde paylaşmanıza olanak tanıyan açık kaynak bir araçtır. Tor onion hizmeti olarak erişilebilir bir wen sunucusu başlatarak çalışır, böylece dosyaları indirmek veya göndermek için alıcıyla tahmin edilemez bir link paylaşabilirsiniz.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. Tor onion hizmeti olarak erişilebilir bir wen sunucusu başlatarak çalışır, böylece dosyaları indirmek veya göndermek için alıcıyla tahmin edilemez bir link paylaşabilirsiniz.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Kriterler
**Lütfen önerdiğimiz projelerin hiçbirine bağlı olmadığımızı unutmayın.** [standart kriterlerimize](about/criteria.md)ek olarak, objektif tavsiyelerde bulunabilmemiz için bir takım gereklilikler geliştirdik. Bir projeyi kullanmayı seçmeden önce bu listeye aşina olmanızı ve sizin için doğru seçim olduğundan emin olmak için kendi araştırmanızı yapmanızı öneririz.
diff --git a/i18n/tr/language-tools.md b/i18n/tr/language-tools.md
index 1f6f756c..b69f9ff1 100644
--- a/i18n/tr/language-tools.md
+++ b/i18n/tr/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/tr/mobile-browsers.md b/i18n/tr/mobile-browsers.md
index db5776fd..1809657f 100644
--- a/i18n/tr/mobile-browsers.md
+++ b/i18n/tr/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. İnternette anonim olarak gezinmeniz gerekiyorsa, bunun yerine [Tor](tor.md) kullanmalısınız.
## Android
diff --git a/i18n/tr/mobile-phones.md b/i18n/tr/mobile-phones.md
index 05d9bc84..c65b0814 100644
--- a/i18n/tr/mobile-phones.md
+++ b/i18n/tr/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/tr/multi-factor-authentication.md b/i18n/tr/multi-factor-authentication.md
index a55257f7..3307efa3 100644
--- a/i18n/tr/multi-factor-authentication.md
+++ b/i18n/tr/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/tr/notebooks.md b/i18n/tr/notebooks.md
index 1cab1e1b..70cc3157 100644
--- a/i18n/tr/notebooks.md
+++ b/i18n/tr/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Keep track of your notes and journalings without giving them to a third-party.
If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports E2EE.
diff --git a/i18n/tr/os/ios-overview.md b/i18n/tr/os/ios-overview.md
index 14826451..deba7cf8 100644
--- a/i18n/tr/os/ios-overview.md
+++ b/i18n/tr/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/tr/passwords.md b/i18n/tr/passwords.md
index c45e1cc9..6ab4159a 100644
--- a/i18n/tr/passwords.md
+++ b/i18n/tr/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/tr/photo-management.md b/i18n/tr/photo-management.md
index 89f3a7d0..c526c59a 100644
--- a/i18n/tr/photo-management.md
+++ b/i18n/tr/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/tr/real-time-communication.md b/i18n/tr/real-time-communication.md
index 8cb811a3..68d89a33 100644
--- a/i18n/tr/real-time-communication.md
+++ b/i18n/tr/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[İletişim Ağı Türleri :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ Signal kurulumunuzu yapılandırma ve sağlamlaştırma konusunda bazı ek ipuç
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/tr/security-keys.md b/i18n/tr/security-keys.md
index 4c60d2c0..5fb71cc3 100644
--- a/i18n/tr/security-keys.md
+++ b/i18n/tr/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/tr/tools.md b/i18n/tr/tools.md
index 741660be..207e92c1 100644
--- a/i18n/tr/tools.md
+++ b/i18n/tr/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/tr/tor.md b/i18n/tr/tor.md
index f1e0947b..885f3bd6 100644
--- a/i18n/tr/tor.md
+++ b/i18n/tr/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
[Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Tarayıcı
diff --git a/i18n/tr/vpn.md b/i18n/tr/vpn.md
index 070e1af7..9f336e5c 100644
--- a/i18n/tr/vpn.md
+++ b/i18n/tr/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/uk/alternative-networks.md b/i18n/uk/alternative-networks.md
index f2a5030a..ea5b425e 100644
--- a/i18n/uk/alternative-networks.md
+++ b/i18n/uk/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Приватні особи та організації також можуть обмінюватися інформацією через мережу Tor з "прихованими сервісами .onion" без шкоди для своєї конфіденційності. Оскільки трафік Tor важко заблокувати і відстежити, Tor є ефективним інструментом обходу цензури.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Приватні особи та організації також можуть обмінюватися інформацією через мережу Tor з "прихованими сервісами .onion" без шкоди для своєї конфіденційності. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/uk/android/distributions.md b/i18n/uk/android/distributions.md
index 339587be..c3c27e85 100644
--- a/i18n/uk/android/distributions.md
+++ b/i18n/uk/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/uk/android/general-apps.md b/i18n/uk/android/general-apps.md
index d13deac9..e3221737 100644
--- a/i18n/uk/android/general-apps.md
+++ b/i18n/uk/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/uk/browser-extensions.md b/i18n/uk/browser-extensions.md
index d5644115..f0a2bf5b 100644
--- a/i18n/uk/browser-extensions.md
+++ b/i18n/uk/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/uk/calendar.md b/i18n/uk/calendar.md
index edcd57b4..0b263b0d 100644
--- a/i18n/uk/calendar.md
+++ b/i18n/uk/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Пасивні атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Постачальники послуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/uk/cloud.md b/i18n/uk/cloud.md
index 1b691f08..ae1e8ed6 100644
--- a/i18n/uk/cloud.md
+++ b/i18n/uk/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Пасивні атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Постачальники послуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/uk/cryptocurrency.md b/i18n/uk/cryptocurrency.md
index 2fd5ccf5..642ae244 100644
--- a/i18n/uk/cryptocurrency.md
+++ b/i18n/uk/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Масове спостереження](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Цензура](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/uk/desktop-browsers.md b/i18n/uk/desktop-browsers.md
index c4328fb3..d9d6f9bf 100644
--- a/i18n/uk/desktop-browsers.md
+++ b/i18n/uk/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Капіталізм нагляду](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. We recommend [Mullvad Browser](#mullvad-browser) if you are focused on strong privacy protections and anti-fingerprinting out of the box, [Firefox](#firefox) for casual internet browsers looking for a good alternative to Google Chrome, and [Brave](#brave) if you need Chromium browser compatibility.
If you need to browse the internet anonymously, you should use [Tor](tor.md) instead. We make some configuration recommendations on this page, but all browsers other than Tor Browser will be traceable by *somebody* in some manner or another.
@@ -67,7 +71,7 @@ If you need to browse the internet anonymously, you should use [Tor](tor.md) ins
{ align=right }
-**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed, aimed at providing Tor Browser's anti-fingerprinting browser technologies to VPN users. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/uk/device-integrity.md b/i18n/uk/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/uk/device-integrity.md
+++ b/i18n/uk/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/uk/dns.md b/i18n/uk/dns.md
index 6f917b90..f7110d7a 100644
--- a/i18n/uk/dns.md
+++ b/i18n/uk/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Капіталізм нагляду](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Зашифрований DNS на сторонніх серверах слід використовувати, щоб обійти базове [блокування за DNS](https://en.wikipedia.org/wiki/DNS_blocking) лише тоді, коли ви впевнені, що це не матиме жодних наслідків. Зашифрований DNS не допоможе вам приховати будь-яку вашу веб-активність.
[Дізнайтеся більше про DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/uk/document-collaboration.md b/i18n/uk/document-collaboration.md
index 4f7ed135..9bf30ec2 100644
--- a/i18n/uk/document-collaboration.md
+++ b/i18n/uk/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/uk/email-aliasing.md b/i18n/uk/email-aliasing.md
index 2b447982..c2f4c549 100644
--- a/i18n/uk/email-aliasing.md
+++ b/i18n/uk/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/uk/encryption.md b/i18n/uk/encryption.md
index da9ff73b..26bf0d00 100644
--- a/i18n/uk/encryption.md
+++ b/i18n/uk/encryption.md
@@ -14,11 +14,15 @@ The options listed here are multi-platform and great for creating encrypted back
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Пасивні атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Цілеспрямовані атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Цілеспрямовані атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Цілеспрямовані атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Цілеспрямовані атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Цілеспрямовані атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Пасивні атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Постачальники послуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/uk/file-sharing.md b/i18n/uk/file-sharing.md
index cfe78654..d41ca7f8 100644
--- a/i18n/uk/file-sharing.md
+++ b/i18n/uk/file-sharing.md
@@ -5,6 +5,10 @@ description: Discover how to privately share your files between your devices, wi
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Постачальники послуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
## File Sharing
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/uk/language-tools.md b/i18n/uk/language-tools.md
index 1f6f756c..b69f9ff1 100644
--- a/i18n/uk/language-tools.md
+++ b/i18n/uk/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/uk/mobile-browsers.md b/i18n/uk/mobile-browsers.md
index 1fdcb7a1..cc06352f 100644
--- a/i18n/uk/mobile-browsers.md
+++ b/i18n/uk/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Капіталізм нагляду](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead.
## Android
diff --git a/i18n/uk/mobile-phones.md b/i18n/uk/mobile-phones.md
index 05d9bc84..c65b0814 100644
--- a/i18n/uk/mobile-phones.md
+++ b/i18n/uk/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/uk/multi-factor-authentication.md b/i18n/uk/multi-factor-authentication.md
index 6155ae93..a4887751 100644
--- a/i18n/uk/multi-factor-authentication.md
+++ b/i18n/uk/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Цілеспрямовані атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/uk/notebooks.md b/i18n/uk/notebooks.md
index d450ba8b..75cede65 100644
--- a/i18n/uk/notebooks.md
+++ b/i18n/uk/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Постачальники послуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Keep track of your notes and journalings without giving them to a third-party.
If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports E2EE.
diff --git a/i18n/uk/os/ios-overview.md b/i18n/uk/os/ios-overview.md
index b0935919..0100a6f3 100644
--- a/i18n/uk/os/ios-overview.md
+++ b/i18n/uk/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/uk/passwords.md b/i18n/uk/passwords.md
index d86cbfb0..0473a8cf 100644
--- a/i18n/uk/passwords.md
+++ b/i18n/uk/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Цілеспрямовані атаки](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Пасивні атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Постачальники послуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/uk/photo-management.md b/i18n/uk/photo-management.md
index 89f3a7d0..c526c59a 100644
--- a/i18n/uk/photo-management.md
+++ b/i18n/uk/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/uk/real-time-communication.md b/i18n/uk/real-time-communication.md
index 4bd1f966..705931c5 100644
--- a/i18n/uk/real-time-communication.md
+++ b/i18n/uk/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Пасивні атаки](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Постачальники послуг](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Масове спостереження](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Капіталізм нагляду](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/uk/security-keys.md b/i18n/uk/security-keys.md
index 4c60d2c0..5fb71cc3 100644
--- a/i18n/uk/security-keys.md
+++ b/i18n/uk/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/uk/tools.md b/i18n/uk/tools.md
index ad3f256a..5d626345 100644
--- a/i18n/uk/tools.md
+++ b/i18n/uk/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/uk/tor.md b/i18n/uk/tor.md
index a3d39327..6764a6ce 100644
--- a/i18n/uk/tor.md
+++ b/i18n/uk/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Капіталізм нагляду](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Масове спостереження](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Цензура](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Приватні особи та організації також можуть обмінюватися інформацією через мережу Tor з "прихованими сервісами .onion" без шкоди для своєї конфіденційності. Оскільки трафік Tor важко заблокувати і відстежити, Tor є ефективним інструментом обходу цензури.
[Детальний огляд Tor :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-Існує безліч способів під'єднатися до мережі Tor з вашого пристрою, найпоширенішим з яких є **Tor Browser**, форк Firefox, призначений для анонімного перегляду веб-сторінок на настільних комп'ютерах і Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/uk/vpn.md b/i18n/uk/vpn.md
index fb8c3724..05d693d4 100644
--- a/i18n/uk/vpn.md
+++ b/i18n/uk/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Капіталізм нагляду](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/vi/alternative-networks.md b/i18n/vi/alternative-networks.md
index 79017cee..4c8a6e25 100644
--- a/i18n/vi/alternative-networks.md
+++ b/i18n/vi/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/vi/android/distributions.md b/i18n/vi/android/distributions.md
index 55c022ac..80ccb0e6 100644
--- a/i18n/vi/android/distributions.md
+++ b/i18n/vi/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/vi/android/general-apps.md b/i18n/vi/android/general-apps.md
index cdfdc9d4..74849c12 100644
--- a/i18n/vi/android/general-apps.md
+++ b/i18n/vi/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/vi/browser-extensions.md b/i18n/vi/browser-extensions.md
index c5ecaa0b..2e7690aa 100644
--- a/i18n/vi/browser-extensions.md
+++ b/i18n/vi/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/vi/calendar.md b/i18n/vi/calendar.md
index ba57f147..a16176c3 100644
--- a/i18n/vi/calendar.md
+++ b/i18n/vi/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/vi/cloud.md b/i18n/vi/cloud.md
index 2e031ddc..1c64467d 100644
--- a/i18n/vi/cloud.md
+++ b/i18n/vi/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/vi/cryptocurrency.md b/i18n/vi/cryptocurrency.md
index 1bc717ab..aeda299d 100644
--- a/i18n/vi/cryptocurrency.md
+++ b/i18n/vi/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/vi/desktop-browsers.md b/i18n/vi/desktop-browsers.md
index bb0495ac..f91e4afe 100644
--- a/i18n/vi/desktop-browsers.md
+++ b/i18n/vi/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. We recommend [Mullvad Browser](#mullvad-browser) if you are focused on strong privacy protections and anti-fingerprinting out of the box, [Firefox](#firefox) for casual internet browsers looking for a good alternative to Google Chrome, and [Brave](#brave) if you need Chromium browser compatibility.
If you need to browse the internet anonymously, you should use [Tor](tor.md) instead. We make some configuration recommendations on this page, but all browsers other than Tor Browser will be traceable by *somebody* in some manner or another.
@@ -67,7 +71,7 @@ If you need to browse the internet anonymously, you should use [Tor](tor.md) ins
{ align=right }
-**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed, aimed at providing Tor Browser's anti-fingerprinting browser technologies to VPN users. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. It is developed by the Tor Project and distributed by [Mullvad](vpn.md#mullvad), and does **not** require the use of Mullvad's VPN.
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/vi/device-integrity.md b/i18n/vi/device-integrity.md
index fb19bab5..7de334df 100644
--- a/i18n/vi/device-integrity.md
+++ b/i18n/vi/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/vi/dns.md b/i18n/vi/dns.md
index a1d69e89..5e58df19 100644
--- a/i18n/vi/dns.md
+++ b/i18n/vi/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Encrypted DNS with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. Encrypted DNS will not help you hide any of your browsing activity.
[Learn more about DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/vi/document-collaboration.md b/i18n/vi/document-collaboration.md
index db613c86..2d506972 100644
--- a/i18n/vi/document-collaboration.md
+++ b/i18n/vi/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/vi/email-aliasing.md b/i18n/vi/email-aliasing.md
index 550ff176..895da806 100644
--- a/i18n/vi/email-aliasing.md
+++ b/i18n/vi/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/vi/encryption.md b/i18n/vi/encryption.md
index e58c3f62..efc70ddb 100644
--- a/i18n/vi/encryption.md
+++ b/i18n/vi/encryption.md
@@ -14,11 +14,15 @@ The options listed here are multi-platform and great for creating encrypted back
### Cryptomator (Cloud)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -83,6 +91,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (Disk)
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -114,6 +126,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -238,6 +254,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -284,6 +304,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/vi/file-sharing.md b/i18n/vi/file-sharing.md
index 53a8aacc..7601fb32 100644
--- a/i18n/vi/file-sharing.md
+++ b/i18n/vi/file-sharing.md
@@ -5,6 +5,10 @@ description: Discover how to privately share your files between your devices, wi
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
## File Sharing
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Framadate
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/vi/language-tools.md b/i18n/vi/language-tools.md
index baeb4aca..840f6e7c 100644
--- a/i18n/vi/language-tools.md
+++ b/i18n/vi/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/vi/mobile-browsers.md b/i18n/vi/mobile-browsers.md
index 66606dcb..fcea48c4 100644
--- a/i18n/vi/mobile-browsers.md
+++ b/i18n/vi/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead.
## Android
diff --git a/i18n/vi/mobile-phones.md b/i18n/vi/mobile-phones.md
index 11067912..cf1e3b59 100644
--- a/i18n/vi/mobile-phones.md
+++ b/i18n/vi/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/vi/multi-factor-authentication.md b/i18n/vi/multi-factor-authentication.md
index 510aae9e..22dcb75b 100644
--- a/i18n/vi/multi-factor-authentication.md
+++ b/i18n/vi/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/vi/notebooks.md b/i18n/vi/notebooks.md
index a7aa6deb..1fff7a6b 100644
--- a/i18n/vi/notebooks.md
+++ b/i18n/vi/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Theo dõi các ghi chú và nhật ký của bạn mà không đưa chúng cho bên thứ ba.
Nếu bạn hiện đang sử dụng một ứng dụng như Evernote, Google Keep hoặc Microsoft OneNote, chúng tôi khuyên bạn nên chọn một ứng dụng thay thế hỗ trợ E2EE tại đây.
diff --git a/i18n/vi/os/ios-overview.md b/i18n/vi/os/ios-overview.md
index b0935919..0100a6f3 100644
--- a/i18n/vi/os/ios-overview.md
+++ b/i18n/vi/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/vi/passwords.md b/i18n/vi/passwords.md
index 8bc2381f..95b503a6 100644
--- a/i18n/vi/passwords.md
+++ b/i18n/vi/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/vi/photo-management.md b/i18n/vi/photo-management.md
index ac0dd6eb..3067b317 100644
--- a/i18n/vi/photo-management.md
+++ b/i18n/vi/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/vi/real-time-communication.md b/i18n/vi/real-time-communication.md
index da87e285..aacdb131 100644
--- a/i18n/vi/real-time-communication.md
+++ b/i18n/vi/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[Types of Communication Networks :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ We have some additional tips on configuring and hardening your Signal installati
{ align=right }
-**SimpleX** Chat is an instant messenger that is decentralized and doesn't depend on any unique identifiers such as phone numbers or usernames. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Users of SimpleX Chat can scan a QR code or click an invite link to participate in group conversations.
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/vi/security-keys.md b/i18n/vi/security-keys.md
index 37d5bf6d..a33db6b9 100644
--- a/i18n/vi/security-keys.md
+++ b/i18n/vi/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/vi/tools.md b/i18n/vi/tools.md
index e1349c84..0254b077 100644
--- a/i18n/vi/tools.md
+++ b/i18n/vi/tools.md
@@ -31,6 +31,15 @@ For more details about each project, why they were chosen, and additional tips o
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/vi/tor.md b/i18n/vi/tor.md
index 69cd62d0..ed83d06e 100644
--- a/i18n/vi/tor.md
+++ b/i18n/vi/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. Individuals and organizations can also share information over the Tor network with ".onion hidden services" without compromising their privacy. Because Tor traffic is difficult to block and trace, Tor is an effective censorship circumvention tool.
[Detailed Tor Overview :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for anonymous browsing for desktop computers and Android.
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor Browser
diff --git a/i18n/vi/vpn.md b/i18n/vi/vpn.md
index 6a402cd8..dc1fc23f 100644
--- a/i18n/vi/vpn.md
+++ b/i18n/vi/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/zh-Hant/alternative-networks.md b/i18n/zh-Hant/alternative-networks.md
index 94bffa84..9c11f89c 100644
--- a/i18n/zh-Hant/alternative-networks.md
+++ b/i18n/zh-Hant/alternative-networks.md
@@ -5,9 +5,15 @@ description: 這些工具可存取萬維網以外的網路。
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## 匿名網路
-當談到匿名網路時,要特別注意的是 我們首選的[Tor](advanced/tor-overview.md) 。 它是迄今為止使用最多、研究最深入、開發最活躍的匿名網路。 使用其他網路有可能危及匿名性,除非知道自己在做什麼。
+當談到匿名網路時,要特別注意的是 我們首選的[Tor](advanced/tor-overview.md) 。 它是迄今為止使用最多、研究最深入、開發最活躍的匿名網路。 Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ cover: alternative-networks.webp
{ align=right }
-**Tor** 網絡是一組由志願者操作的伺服器,可免費連線,並改善隱私權和安全性。 個人和組織還可以通過 Tor 網絡與“.onion 隱藏服務”分享資訊,而不會損害他們的隱私。 很難阻止和追蹤 Tor 流量,因此它是一種有效的審查規避工具。
+**Tor** 網絡是一組由志願者操作的伺服器,可免費連線,並改善隱私權和安全性。 個人和組織還可以通過 Tor 網絡與“.onion 隱藏服務”分享資訊,而不會損害他們的隱私。 Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/zh-Hant/android/distributions.md b/i18n/zh-Hant/android/distributions.md
index e77e2ca0..cf0327ab 100644
--- a/i18n/zh-Hant/android/distributions.md
+++ b/i18n/zh-Hant/android/distributions.md
@@ -31,6 +31,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
**基於 Android 的自訂作業系統**(通常稱為 **自訂 ROM**)是在裝置上實現更高層級的隱私和安全性的流行方法。 這與 Android 的「stock」版本形成鮮明對比,「stock」版本是手機出廠時附帶的,並且通常與 Google Play 服務 深度整合。
我們建議您在裝置上安裝這些自訂 Android 作業系統之一(按優先順序列出),具體取決於您的裝置與這些作業系統的相容性。
diff --git a/i18n/zh-Hant/android/general-apps.md b/i18n/zh-Hant/android/general-apps.md
index c2e2d779..abcdb5eb 100644
--- a/i18n/zh-Hant/android/general-apps.md
+++ b/i18n/zh-Hant/android/general-apps.md
@@ -91,6 +91,11 @@ Shelter 支援阻止跨配置檔案的聯絡人搜尋以及透過預設檔案管
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/zh-Hant/browser-extensions.md b/i18n/zh-Hant/browser-extensions.md
index db2ca566..469a0028 100644
--- a/i18n/zh-Hant/browser-extensions.md
+++ b/i18n/zh-Hant/browser-extensions.md
@@ -5,6 +5,10 @@ description: 這些瀏覽器擴充套件可以增強瀏覽體驗並保護隱私
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
一般來說,建議將瀏覽器擴充套件維持在最低限度,以減少攻擊面。 它們在瀏覽器中擁有特權存取權限,要求用戶信任開發人員,也會[突顯出讓瀏覽器](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint),[削弱](https:/ /groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ)站點隔離。
然而,有些提供的功能在某些情況下可以克服這些缺點,特別是在[內容攔截](basics/common-threats.md#mass-surveillance-programs)方面。
@@ -56,7 +60,7 @@ uBlock Origin 還有一個「Lite」版本,與原始版相比,其功能集
{ align=right }
-**uBlock Origin Lite** 是相容於 Manifest V3 的內容攔截器。 相較於 _uBlock Origin_ ,此附加元件不需要廣泛的「讀取/修改資料」權限即可運作。
+**uBlock Origin Lite** 是相容於 Manifest V3 的內容攔截器。 Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/zh-Hant/calendar.md b/i18n/zh-Hant/calendar.md
index 60fa5ecb..534c8e07 100644
--- a/i18n/zh-Hant/calendar.md
+++ b/i18n/zh-Hant/calendar.md
@@ -5,6 +5,11 @@ description: 行事曆包含一些您最敏感的資料,使用實現靜態加
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 被動攻擊](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 服務提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/zh-Hant/cloud.md b/i18n/zh-Hant/cloud.md
index e94d59d9..3efd3423 100644
--- a/i18n/zh-Hant/cloud.md
+++ b/i18n/zh-Hant/cloud.md
@@ -6,6 +6,11 @@ description: 許多雲端儲存服務供應商需要您相信他們不會查看
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 被動攻擊](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 服務提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. 下面列出的替代方案通過實施安全的 E2EE,消除了對信任的需要。
如果這些替代方案不符合您的需求,建議您考慮使用其他雲端提供商的加密軟件,例如 [Cryptomator](encryption.md#cryptomator-cloud) 。 把 Cryptomator 結合在 **任一種** 雲服務商(包含這裡推薦的) 也是好方法,可減低某服務商原生客立端加密漏洞之風險。
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** 是去中心化協定的儲存、社交媒體和應用程式開源平台。 其提供安全且私密的空間,用戶可以在其中儲存、分享和查看照片、影片、文件等。 Peergos 透過抗量子端對端加密來保護檔案,並確保有關檔案所有資料保持私密。 它建構在 [IPFS(星際檔案系統)](https://ipfs.tech) 。
+**Peergos** 是去中心化協定的儲存、社交媒體和應用程式開源平台。 其提供安全且私密的空間,用戶可以在其中儲存、分享和查看照片、影片、文件等。 Peergos 透過抗量子端對端加密來保護檔案,並確保有關檔案所有資料保持私密。 It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/zh-Hant/cryptocurrency.md b/i18n/zh-Hant/cryptocurrency.md
index e42e8b08..12183088 100644
--- a/i18n/zh-Hant/cryptocurrency.md
+++ b/i18n/zh-Hant/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: 大規模監控](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: 審查](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
線上支付是隱私面臨的最大挑戰之一。 下列加密貨幣預設提供交易隱私(大多數加密貨幣**並未保證**如此 ),前提是您對如何有效地進行私人支付有深入了解。 我們強烈建議您在網路購買前先閱讀本站私密付款之介紹:
[私密付款 :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -20,9 +25,9 @@ cover: cryptocurrency.webp
-{ align=right }
+{ align=right }
-**Monero** 使用增強隱私技術的區塊鏈,混淆交易以實現匿名性。 每筆 Monero 交易都隱藏了交易金額、發送和接收地址以及資金來源,使其成為加密貨幣新手的理想選擇。
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. 每筆 Monero 交易都隱藏了交易金額、發送和接收地址以及資金來源,使其成為加密貨幣新手的理想選擇。
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/zh-Hant/desktop-browsers.md b/i18n/zh-Hant/desktop-browsers.md
index 958624a6..b20b31ec 100644
--- a/i18n/zh-Hant/desktop-browsers.md
+++ b/i18n/zh-Hant/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: 監控資本主義](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
這些是我們目前推薦的**桌面瀏覽器**和標準/非匿名瀏覽的設定。 如果您重視強大的隱私保護和內建的的反指紋追蹤功能,我們推薦使用 [Mullvad 瀏覽器](#mullvad-browser);如果您在尋求 Google Chrome 的良好替代方案的休閒用網路瀏覽器,我們推薦使用 [Firefox](#firefox);如果您需要 Chromium 的瀏覽器相容性,我們推薦使用 [Brave](#brave)。
如果您需要匿名瀏覽網際網路,應該使用 [Tor](tor.md)。 我們在此頁面提供一些設定建議,但除了 Tor 瀏覽器以外的所有瀏覽器都可能以某種方式被*某人*追蹤。
@@ -65,9 +69,9 @@ schema:
-{ align=right }
+{ align=right }
-**Mullvad 瀏覽器** 是移除 Tor 網路整合的 [Tor 瀏覽器](tor.md#tor-browser) 版本,旨在為 VPN 使用者提供 Tor 瀏覽器的反指紋辨識技術。 它由 Tor Porject 開發並由 [Mullvad](vpn.md#mullvad) 發佈,且**不**需要使用 Mullvad 的 VPN。
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. 它由 Tor Porject 開發並由 [Mullvad](vpn.md#mullvad) 發佈,且**不**需要使用 Mullvad 的 VPN。
[:octicons-home-16: 首頁](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="隱私權政策" }
diff --git a/i18n/zh-Hant/device-integrity.md b/i18n/zh-Hant/device-integrity.md
index 9864a2f0..357a1c58 100644
--- a/i18n/zh-Hant/device-integrity.md
+++ b/i18n/zh-Hant/device-integrity.md
@@ -45,6 +45,10 @@ cover: device-integrity.webp
## 外部驗證工具
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing 會自動並以互動方式引導完成使用 [MVT](#mobile-verification
## 裝置驗證
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
可安裝這些應用程式來檢查裝置和作業系統是否有篡改跡象,並驗證裝置的身份。
@@ -181,6 +190,10 @@ Auditor is not a scanning/analysis tool like some other tools on this page. Rath
## 設備掃瞄器
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
可在設備上安裝這些應用程序,這些應用程式會掃描裝置是否有遭駭洩漏跡象。
@@ -221,7 +234,7 @@ Hypatia 特別擅長偵測常見的追蹤軟體:如果懷疑自己是追蹤軟
{ align=right }
-**iVerify** 是一款 iOS 應用程式,會自動掃描裝置檢查配置設定、修補程式等級和其他安全性領域。 它還會檢查裝置是否有被越獄工具或間諜軟體(例如 Pegasus)入侵的跡象。
+**iVerify** 是一款 iOS 應用程式,會自動掃描裝置檢查配置設定、修補程式等級和其他安全性領域。 It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/zh-Hant/dns.md b/i18n/zh-Hant/dns.md
index 53cb0f6f..4ef7762e 100644
--- a/i18n/zh-Hant/dns.md
+++ b/i18n/zh-Hant/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: 監控資本主義](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
使用第三方伺服器的加密 DNS 只能避開基本的 [DNS 封鎖](https://en.wikipedia.org/wiki/DNS_blocking) ,當您確定不會有不良後果時。 加密的 DNS 無法為您隱藏瀏覽活動。
[了解更多 DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/zh-Hant/document-collaboration.md b/i18n/zh-Hant/document-collaboration.md
index 9664e95d..b140ab68 100644
--- a/i18n/zh-Hant/document-collaboration.md
+++ b/i18n/zh-Hant/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/zh-Hant/email-aliasing.md b/i18n/zh-Hant/email-aliasing.md
index 3397879a..faee8c5f 100644
--- a/i18n/zh-Hant/email-aliasing.md
+++ b/i18n/zh-Hant/email-aliasing.md
@@ -5,6 +5,11 @@ description: 電子郵件別名服務可輕鬆地替每次網站註冊生成一
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. 電子郵件別名會自動把郵件轉發到所選擇的電子郵件地址,以隱藏“主要”電子郵件地址和[電子郵件提供商](email.md)。 真正的電子郵件別名比許多提供商常用和支持的加地址更好,可自行創建別名,如 'yourname +[anythinghere]@ example.com' ,因為網站,廣告商和跟蹤網絡可以簡單地刪除+符號之後的任何內容,以知道使用者真實電子郵件地址。 [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) 等組織要求廣告商[規範化電子郵件地址](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) ,無論用戶的隱私意願,都可以關聯和追蹤它們。
diff --git a/i18n/zh-Hant/encryption.md b/i18n/zh-Hant/encryption.md
index b7a40af2..b16efcb3 100644
--- a/i18n/zh-Hant/encryption.md
+++ b/i18n/zh-Hant/encryption.md
@@ -14,11 +14,15 @@ cover: encryption.webp
### Cryptomator (雲端)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 被動攻擊](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** 是一種加密解決方案,專為將檔案私密保存到任何雲端提供商而設計。 它允許您創建存儲在虛擬驅動器上的保管庫,其內容已加密並與雲端儲存供應商同步。
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. 它允許您創建存儲在虛擬驅動器上的保管庫,其內容已加密並與雲端儲存供應商同步。
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator 的文件詳細介紹它的預期[安全目標](https://docs.cryptom
### Picocrypt (檔案)
+
Protects against the following threat(s):
+
+- [:material-target-account: 針對性攻擊](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator 的文件詳細介紹它的預期[安全目標](https://docs.cryptom
### VeraCrypt (磁碟)
+
Protects against the following threat(s):
+
+- [:material-target-account: 針對性攻擊](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt 已完成[多次審計](https://en.wikipedia.org/wiki/TrueCrypt#Securi
## 作業系統完整磁碟加密
+Protects against the following threat(s):
+
+- [:material-target-account: 針對性攻擊](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
加密開機用的作業系統,我們通常建議使用其隨附的加密軟體,而不是第三方工具。 因為作業系統原生的加密工具通常會使用作業系統和硬體特定的功能,例如裝置中的[安全加密處理器](https://en.wikipedia.org/wiki/Secure_cryptoprocessor)保護電腦免於進階的實體攻擊。 至於*非開機用*的輔助磁碟和外接硬碟,我們則建議使用開源工具,例如
VeraCrypt< /a> ,因為它們提供了額外的靈活性避免供應商鎖定。
@@ -252,6 +268,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## 命令列
+Protects against the following threat(s):
+
+- [:material-target-account: 針對性攻擊](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
命令行界面的工具可用於集成 [shell 腳本](https://en.wikipedia.org/wiki/Shell_script)。
@@ -300,6 +320,12 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: 針對性攻擊](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: 被動攻擊](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 服務提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP 有時需要執行特定任務,例如數位簽署和加密電子郵件。 PGP具有許多功能,但也有爭議 [複數](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) ,因為它已經存在了很長時間。 對於簽署或加密檔案等任務,我們建議您使用上述選項。
使用 PGP 加密時,您可以選擇在 `gpg.conf` 檔案中設定不同的選項。 我們建議您繼續使用 [ GnuPG 用戶常見問題集](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf)中指定的標準選項。
diff --git a/i18n/zh-Hant/file-sharing.md b/i18n/zh-Hant/file-sharing.md
index 331586d3..2e086ba7 100644
--- a/i18n/zh-Hant/file-sharing.md
+++ b/i18n/zh-Hant/file-sharing.md
@@ -5,6 +5,10 @@ description: 探索如何在裝置之間、與朋友和家人私下分享檔案
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: 服務提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
探索如何在裝置之間、與朋友和家人私下分享檔案,或匿名上線。
## 檔案分享
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** 是一個開源工具,可讓您安全匿名地共享任何大小的檔案。 它的工作原理是啟動可作為 Tor 洋蔥服務訪問的網頁伺服器,具有一個無法猜測的URL ,您可以與收件人共享以下載或發送檔案。
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. 它的工作原理是啟動可作為 Tor 洋蔥服務訪問的網頁伺服器,具有一個無法猜測的URL ,您可以與收件人共享以下載或發送檔案。
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### 標準
**請注意,我們所推薦專案沒有任何瓜葛。 ** 除了 [標準準則](about/criteria.md)外,我們還發展出一套明確要求以提出客觀建議。 我們建議您在選擇使用項目之前先熟悉此列表,並進行自己的研究,以確保它是您的正確選擇。
diff --git a/i18n/zh-Hant/language-tools.md b/i18n/zh-Hant/language-tools.md
index 6fa84289..2e5e2c2d 100644
--- a/i18n/zh-Hant/language-tools.md
+++ b/i18n/zh-Hant/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/zh-Hant/mobile-browsers.md b/i18n/zh-Hant/mobile-browsers.md
index 66d8fd46..927b4384 100644
--- a/i18n/zh-Hant/mobile-browsers.md
+++ b/i18n/zh-Hant/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: 監控資本主義](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
這些是我們目前推薦的 **行動網路瀏覽器** 以及 標準/非匿名網路瀏覽 的配置。 如果需要匿名瀏覽網際網路,您應該使用 [Tor](tor.md) 代替。
## Android
diff --git a/i18n/zh-Hant/mobile-phones.md b/i18n/zh-Hant/mobile-phones.md
index 08cc5b4a..6f4460c1 100644
--- a/i18n/zh-Hant/mobile-phones.md
+++ b/i18n/zh-Hant/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/zh-Hant/multi-factor-authentication.md b/i18n/zh-Hant/multi-factor-authentication.md
index a6b214b2..06c44695 100644
--- a/i18n/zh-Hant/multi-factor-authentication.md
+++ b/i18n/zh-Hant/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: 這些工具可協助透過多重身份驗證保護網路帳戶,
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: 針對性攻擊](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
硬體金鑰
diff --git a/i18n/zh-Hant/notebooks.md b/i18n/zh-Hant/notebooks.md
index 50de47c7..4d04d959 100644
--- a/i18n/zh-Hant/notebooks.md
+++ b/i18n/zh-Hant/notebooks.md
@@ -5,6 +5,10 @@ description: 這些加密的筆記錄應用程式可讓您跟進記錄,而無
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: 服務提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
保存記錄您的筆記和日誌,不要將它們提供給第三方。
如果您目前使用的是 Evernote、Google Keep 或 Microsoft OneNote 等應用程式,我們建議您在這裡選擇一個支援 E2EE 的替代方案。
diff --git a/i18n/zh-Hant/os/ios-overview.md b/i18n/zh-Hant/os/ios-overview.md
index 5624668d..09d75a3c 100644
--- a/i18n/zh-Hant/os/ios-overview.md
+++ b/i18n/zh-Hant/os/ios-overview.md
@@ -42,7 +42,7 @@ Apple 產品的大多數隱私和安全問題與其雲服務有關,而不是
付費 **iCloud+** 訂閱(任何 iCloud 存儲方案)附帶一些隱私保護功能。 雖然這些能為當前 iCloud 客戶提供足夠服務,但不建議通過 [VPN](../vpn.md) 購買 iCloud 方案,和將 [獨立電子郵件別名服務](../email-aliasing.md)僅用在這些功能。
-**Private Relay** 為代理服務,通過兩台伺服器中繼 Safari 流量:一台由 Apple 擁有,另一台由第三方提供商(包括 Akamai、Cloudflare 和 Fastly)擁有 )。 理論上這應該可以防止鏈中的任何單一提供商(包括 Apple)完全了解您連線訪問的網站。 與完整的 VPN 不同,Private Relay 不會保護 Safari 以外其它應用程式的流量。
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). 理論上這應該可以防止鏈中的任何單一提供商(包括 Apple)完全了解您連線訪問的網站。 Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** 是 Apple 電子郵件別名服務。 當您在網站或應用程式上*使用 Apple 登錄*時,您可以免費創建電子郵件別名,或者通過付費 iCloud+ 方案生成無數的別名。 Hide My Email 的優點是使用 `@icloud.com` 域作為其別名,與其他電子郵件別名服務相比,它可能不太可能被阻止,但不提供獨立服務提供的功能,例如 例如自動 PGP 加密或多郵箱支持。
diff --git a/i18n/zh-Hant/passwords.md b/i18n/zh-Hant/passwords.md
index 1f9854f3..fa9c7665 100644
--- a/i18n/zh-Hant/passwords.md
+++ b/i18n/zh-Hant/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: 針對性攻擊](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: 被動攻擊](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 服務提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[密碼介紹 :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/zh-Hant/photo-management.md b/i18n/zh-Hant/photo-management.md
index 3311a15f..b8963b71 100644
--- a/i18n/zh-Hant/photo-management.md
+++ b/i18n/zh-Hant/photo-management.md
@@ -5,6 +5,11 @@ description: 照片管理工具可確保個人照片免受雲端儲存提供者
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. 這些選項可保密個人照片,同時允許您僅與家人和信任的人分享。
## Ente Photos
diff --git a/i18n/zh-Hant/real-time-communication.md b/i18n/zh-Hant/real-time-communication.md
index 2b45c0ed..aa772125 100644
--- a/i18n/zh-Hant/real-time-communication.md
+++ b/i18n/zh-Hant/real-time-communication.md
@@ -6,6 +6,13 @@ description: 其他即時通訊則會讓用戶所有的私人對話被該軟體
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 被動攻擊](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 服務提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: 大規模監控](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: 監控資本主義](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[通訊網絡 :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ Signal 需要手機號碼才能註冊,但是您應該建立用戶名,以隱
{ align=right }
-**SimpleX** Chat 是一個分散的即時通訊工具,不依賴任何獨有識別碼,如電話號碼或用戶名。 SimpleX Chat 使用者可以掃描二維碼或點擊邀請連結以參與羣組對話。
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. SimpleX Chat 使用者可以掃描二維碼或點擊邀請連結以參與羣組對話。
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat 提供基本的小組聊天功能、直接傳訊與 markdown 格式
{ align=right }
-**Briar** 是 [連接](https://briarproject.org/how-it-works)其他使用 Tor網路客戶端的加密即時通訊工具。 Briar 還可以在本地附近通過 Wi-Fi 或藍牙連接。 當無法使用網際網路時, Briar 的本地網格(mesh)模式可能很有用。
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar 還可以在本地附近通過 Wi-Fi 或藍牙連接。 當無法使用網際網路時, Briar 的本地網格(mesh)模式可能很有用。
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/zh-Hant/security-keys.md b/i18n/zh-Hant/security-keys.md
index d1f8dd50..9d2b0dd5 100644
--- a/i18n/zh-Hant/security-keys.md
+++ b/i18n/zh-Hant/security-keys.md
@@ -5,6 +5,11 @@ description: 這些工具可協助透過多重身份驗證保護網路帳戶,
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
實體**安全密鑰**可為線上帳戶添加強大的保護層。 與[驗證器應用程式](multi-factor-authentication.md) 相比,FIDO2 安全密鑰協定不受網路釣魚的影響,在沒持有金鑰的情況下不會受到損害。 許多服務支援 FIDO2/WebAuthn 作為保護帳戶安全的多因素驗證選項,且某些服務可用安全金鑰作為無密碼身份驗證的強大單因素驗證器。
## YubiKey 安全金鑰
diff --git a/i18n/zh-Hant/tools.md b/i18n/zh-Hant/tools.md
index 303c4825..03714f05 100644
--- a/i18n/zh-Hant/tools.md
+++ b/i18n/zh-Hant/tools.md
@@ -31,6 +31,15 @@ description: Privacy Guides 是最透明和可靠的網站,用於尋找保護
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/zh-Hant/tor.md b/i18n/zh-Hant/tor.md
index 66214bf1..61b5dfac 100644
--- a/i18n/zh-Hant/tor.md
+++ b/i18n/zh-Hant/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: 監控資本主義](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: 大規模監控](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: 審查](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** 網絡是一組由志願者操作的伺服器,可讓您免費連線,並改善您的隱私權和安全性。 個人和組織還可以通過 Tor 網絡與“.onion 隱藏服務”分享資訊,而不會損害他們的隱私。 很難阻止和追蹤 Tor 流量,因此它是一種有效的審查規避工具。
[詳細的 Tor 總覽 :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ schema:
-有多種方式可以從您的設備連上 Tor 網絡,最常用的是 ** Tor 瀏覽器**,這是 Firefox 的一個分支,專為桌面電腦和 Android 的匿名瀏覽而設計。
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
其些應用程式比其他應用程式更好,但再次提醒其選用決定取決於您的威脅模型。 如果是Tor 的一般使用者,不擔心 ISP 收集針對您的證據,那麼使用[Orbot](#orbot) 等應用程式或行動瀏覽器應用程式訪用 Tor 網絡可能沒問題。 越多人使用 Tor 有助於減少 Tor 的不良印記,降低 ISP 和政府可能編制的「Tor 用戶清單」內容。
-如果更完全的匿名至關重要,則應 **僅使用** 桌面版的 Tor 客戶端應用,最好再加上[Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) 一起搭配使用。 行動瀏覽器在 Tor 上不太常見(因此更容易識別指紋),且其他配置未經嚴格的去匿名化測試。
+如果更完全的匿名至關重要,則應 **僅使用** 桌面版的 Tor 客戶端應用,最好再加上[Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) 一起搭配使用。 Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor 瀏覽器
diff --git a/i18n/zh-Hant/vpn.md b/i18n/zh-Hant/vpn.md
index e6bc5e7b..6e97f355 100644
--- a/i18n/zh-Hant/vpn.md
+++ b/i18n/zh-Hant/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: 監控資本主義](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
diff --git a/i18n/zh/alternative-networks.md b/i18n/zh/alternative-networks.md
index 0552e32f..1b3241fd 100644
--- a/i18n/zh/alternative-networks.md
+++ b/i18n/zh/alternative-networks.md
@@ -5,9 +5,15 @@ description: These tools allow you to access networks other than the World Wide
cover: alternative-networks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
## Anonymizing Networks
-When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your anonymity, unless you know what you're doing.
+When it comes to anonymizing networks, we want to specially note that [Tor](advanced/tor-overview.md) is our top choice. It is by far the most utilized, robustly studied, and actively developed anonymous network. Using other networks could be more likely to endanger your [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }, unless you know what you're doing.
### Tor
@@ -15,7 +21,7 @@ When it comes to anonymizing networks, we want to specially note that [Tor](adva
{ align=right }
-The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. 个人和组织也可以通过Tor网络与".onion隐藏服务"分享信息,而不损害其隐私。 由于Tor流量难以阻止和跟踪,因此Tor是一种有效的审查规避工具。
+The **Tor** network is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. 个人和组织也可以通过Tor网络与".onion隐藏服务"分享信息,而不损害其隐私。 Because Tor traffic is difficult to block and trace, Tor is an effective [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray } circumvention tool.
[:octicons-home-16:](https://torproject.org){ .card-link title=Homepage }
[:simple-torbrowser:](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion){ .card-link title="Onion Service" }
diff --git a/i18n/zh/android/distributions.md b/i18n/zh/android/distributions.md
index 125d9089..727be70e 100644
--- a/i18n/zh/android/distributions.md
+++ b/i18n/zh/android/distributions.md
@@ -29,6 +29,8 @@ schema:
url: ./
---
+[:material-target-account:](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } [:material-bug-outline:](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A **custom Android-based operating system** (often known as a **custom ROM**) is a popular way to achieve higher levels of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services.
We recommend installing one of these custom Android operating systems on your device, listed in order of preference, depending on your device's compatibility with these operating systems.
diff --git a/i18n/zh/android/general-apps.md b/i18n/zh/android/general-apps.md
index 536a11ed..77b1629f 100644
--- a/i18n/zh/android/general-apps.md
+++ b/i18n/zh/android/general-apps.md
@@ -91,6 +91,11 @@ The image orientation metadata is not deleted. If you enable location (in Secure
### Secure PDF Viewer
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
+
{ align=right }
diff --git a/i18n/zh/browser-extensions.md b/i18n/zh/browser-extensions.md
index 2ab95673..cff6f8df 100644
--- a/i18n/zh/browser-extensions.md
+++ b/i18n/zh/browser-extensions.md
@@ -5,6 +5,10 @@ description: These browser extensions can enhance your browsing experience and p
cover: browser-extensions.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
In general, we recommend keeping your browser extensions to a minimum to decrease your attack surface. They have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
However, some provide functionality which can outweigh these downsides in certain situations, particularly when it comes to [content blocking](basics/common-threats.md#mass-surveillance-programs).
@@ -56,7 +60,7 @@ uBlock Origin also has a "Lite" version of their extension, which offers a very
{ align=right }
-**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function.
+**uBlock Origin Lite** is a Manifest V3 compatible content blocker. Compared to the original _uBlock Origin_, this extension does not require broad "read/modify data" permissions to function, which lowers the risk of [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange } on your browser if a malicious rule is added to a filter list.
[:octicons-repo-16: Repository](https://github.com/uBlockOrigin/uBOL-home#readme){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uBlockOrigin/uBOL-home/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/zh/calendar.md b/i18n/zh/calendar.md
index 0c886dd6..a47feb02 100644
--- a/i18n/zh/calendar.md
+++ b/i18n/zh/calendar.md
@@ -5,6 +5,11 @@ description: Calendars contain some of your most sensitive data; use products th
cover: calendar.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 被动攻击](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 服务提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Calendars** contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
## Tuta
diff --git a/i18n/zh/cloud.md b/i18n/zh/cloud.md
index b577b943..52ed95dc 100644
--- a/i18n/zh/cloud.md
+++ b/i18n/zh/cloud.md
@@ -6,6 +6,11 @@ description: Many cloud storage providers require your trust that they will not
cover: cloud.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 被动攻击](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 服务提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Many **cloud storage providers** require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by implementing secure E2EE.
If these alternatives do not fit your needs, we suggest you look into using encryption software like [Cryptomator](encryption.md#cryptomator-cloud) with another cloud provider. Using Cryptomator in conjunction with **any** cloud provider (including these) may be a good idea to reduce the risk of encryption flaws in a provider's native clients.
@@ -89,7 +94,7 @@ They have also received the Digital Trust Label, a certification from the [Swiss
{ align=right }
-**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech).
+**Peergos** is a decentralized protocol and open-source platform for storage, social media, and applications. It provides a secure and private space where users can store, share, and view their photos, videos, documents, etc. Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files remains private. It is built on top of [IPFS (InterPlanetary File System)](https://ipfs.tech), a peer-to-peer architecture that protects against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }.
[:octicons-home-16: Homepage](https://peergos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://peergos.net/privacy.html){ .card-link title="Privacy Policy" }
diff --git a/i18n/zh/cryptocurrency.md b/i18n/zh/cryptocurrency.md
index 2fd5ccf5..f4962c4b 100644
--- a/i18n/zh/cryptocurrency.md
+++ b/i18n/zh/cryptocurrency.md
@@ -5,6 +5,11 @@ icon: material/bank-circle
cover: cryptocurrency.webp
---
+
Protects against the following threat(s):
+
+- [:material-eye-outline: 大规模监控](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: 审查](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
@@ -22,7 +27,7 @@ Many if not most cryptocurrency projects are scams. Make transactions carefully
{ align=right }
-**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
+**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple }. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://getmonero.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://getmonero.org/resources/user-guides){ .card-link title=Documentation}
diff --git a/i18n/zh/desktop-browsers.md b/i18n/zh/desktop-browsers.md
index 6879e47c..7df3dc97 100644
--- a/i18n/zh/desktop-browsers.md
+++ b/i18n/zh/desktop-browsers.md
@@ -57,6 +57,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: 监视资本主义](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **desktop web browsers** and configurations for standard/non-anonymous browsing. 如果你需要强大的隐私保护和开箱即用的防指纹功能,我们推荐 [Mullvad 浏览器](#mullvad-browser) ;如果你需要谷歌 Chrome 浏览器的良好替代品,我们推荐 [Firefox](#firefox) ;如果你需要 Chromium 浏览器的兼容性,我们推荐 [Brave](#brave)。
如果您需要匿名浏览互联网,则应使用 [Tor](tor.md) 。 我们在本页会提出一些配置建议,但除 Tor 浏览器之外的所有浏览器都可以通过 *某种方式* 追踪到。
@@ -65,9 +69,9 @@ These are our currently recommended **desktop web browsers** and configurations
-{ align=right }
+{ align=right }
-**Mullvad 浏览器** 是 [Tor 浏览器](tor.md#tor-browser) 去除了 Tor 网络的一个版本,旨在为 VPN 用户提供 Tor 浏览器的反指纹浏览器技术。 它由 Tor 项目开发,由 [Mullvad](vpn.md#mullvad) 发布,**不需要** 使用 Mullvad 的 VPN。
+**Mullvad Browser** is a version of [Tor Browser](tor.md#tor-browser) with Tor network integrations removed. It aims to provide to VPN users Tor Browser's anti-fingerprinting browser technologies, which are key protections against [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }. 它由 Tor 项目开发,由 [Mullvad](vpn.md#mullvad) 发布,**不需要** 使用 Mullvad 的 VPN。
[:octicons-home-16: Homepage](https://mullvad.net/en/browser){ .md-button .md-button--primary }
[:octicons-eye-16:](https://mullvad.net/en/help/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/zh/device-integrity.md b/i18n/zh/device-integrity.md
index c4a19a01..63a1a62c 100644
--- a/i18n/zh/device-integrity.md
+++ b/i18n/zh/device-integrity.md
@@ -45,6 +45,10 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -128,6 +132,11 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -181,6 +190,10 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
## On-Device Scanners
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
These are apps you can install on your device which scan your device for signs of compromise.
@@ -221,7 +234,7 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
{ align=right }
-**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
+**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or of [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red } such as [Pegasus](https://en.wikipedia.org/wiki/Pegasus_\(spyware\)).
[:octicons-home-16: Homepage](https://iverify.io/products/basic){ .md-button .md-button--primary }
[:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/zh/dns.md b/i18n/zh/dns.md
index b77e571b..cd8eb7cd 100644
--- a/i18n/zh/dns.md
+++ b/i18n/zh/dns.md
@@ -9,6 +9,10 @@ global:
- "table tbody"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: 监视资本主义](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
Encrypted DNS with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. 加密的DNS不会帮助你隐藏任何浏览活动。
[Learn more about DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
diff --git a/i18n/zh/document-collaboration.md b/i18n/zh/document-collaboration.md
index 4f7ed135..9bf30ec2 100644
--- a/i18n/zh/document-collaboration.md
+++ b/i18n/zh/document-collaboration.md
@@ -5,7 +5,9 @@ description: Most online office suites do not support E2EE, meaning the cloud pr
cover: document-collaboration.webp
---
-
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The provider's privacy policy may legally protect your rights, but it does not provide technical access constraints.
diff --git a/i18n/zh/email-aliasing.md b/i18n/zh/email-aliasing.md
index 2b447982..c2f4c549 100644
--- a/i18n/zh/email-aliasing.md
+++ b/i18n/zh/email-aliasing.md
@@ -5,6 +5,11 @@ description: An email aliasing service allows you to easily generate a new email
cover: email-aliasing.webp
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-account-search: Public Exposure](basics/common-threats.md#limiting-public-information){ .pg-green }
+
An **email aliasing service** allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your [email provider](email.md). True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like `yourname+[anythinghere]@example.com`, because websites, advertisers, and tracking networks can trivially remove anything after the `+` sign. Organizations like the [IAB](https://en.wikipedia.org/wiki/Interactive_Advertising_Bureau) require that advertisers [normalize email addresses](https://shkspr.mobi/blog/2023/01/the-iab-loves-tracking-users-but-it-hates-users-tracking-them) so that they can be correlated and tracked, regardless of users' privacy wishes.
diff --git a/i18n/zh/encryption.md b/i18n/zh/encryption.md
index 3f7da660..95df3bfa 100644
--- a/i18n/zh/encryption.md
+++ b/i18n/zh/encryption.md
@@ -14,11 +14,15 @@ cover: encryption.webp
### Cryptomator (云)
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 被动攻击](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+
{ align=right }
-**Cryptomator** is an encryption solution designed for privately saving files to any cloud provider. 它允许你创建存储在虚拟驱动器上的保险库,其中的内容被加密并与你的云存储供应商同步。
+**Cryptomator** is an encryption solution designed for privately saving files to any cloud [:material-server-network: Service Provider](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }, eliminating the need to trust that they won't access your files. 它允许你创建存储在虚拟驱动器上的保险库,其中的内容被加密并与你的云存储供应商同步。
[:octicons-home-16: Homepage](https://cryptomator.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://cryptomator.org/privacy){ .card-link title="Privacy Policy" }
@@ -49,6 +53,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### Picocrypt (File)
+
Protects against the following threat(s):
+
+- [:material-target-account: 定向攻击](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -72,6 +80,10 @@ Cryptomator's documentation details its intended [security target](https://docs.
### VeraCrypt (磁盘)
+
Protects against the following threat(s):
+
+- [:material-target-account: 定向攻击](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
{ align=right }
@@ -103,6 +115,10 @@ Truecrypt has been [audited a number of times](https://en.wikipedia.org/wiki/Tru
## OS Full Disk Encryption
+Protects against the following threat(s):
+
+- [:material-target-account: 定向攻击](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
For encrypting the drive your operating system boots from, we generally recommend enabling the encryption software that comes with your operating system rather than using a third-party tool. This is because your operating system's native encryption tools often make use of OS and hardware-specific features like the [secure cryptoprocessor](https://en.wikipedia.org/wiki/Secure_cryptoprocessor) in your device to protect your computer against more advanced physical attacks. For secondary drives and external drives which you *don't* boot from, we still recommend using open-source tools like [VeraCrypt](#veracrypt-disk) over the tools below, because they offer additional flexibility and let you avoid vendor lock-in.
### BitLocker
@@ -227,6 +243,10 @@ cryptsetup luksHeaderBackup /dev/device --header-backup-file /mnt/backup/file.im
## Command-line
+Protects against the following threat(s):
+
+- [:material-target-account: 定向攻击](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Tools with command-line interfaces are useful for integrating [shell scripts](https://en.wikipedia.org/wiki/Shell_script).
### Kryptor
@@ -273,6 +293,12 @@ Tools with command-line interfaces are useful for integrating [shell scripts](ht
## OpenPGP
+Protects against the following threat(s):
+
+- [:material-target-account: 定向攻击](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: 被动攻击](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 服务提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
OpenPGP is sometimes needed for specific tasks such as digitally signing and encrypting email. PGP has many features and is [complex](https://latacora.micro.blog/2019/07/16/the-pgp-problem.html) as it has been around a long time. For tasks such as signing or encrypting files, we suggest the above options.
When encrypting with PGP, you have the option to configure different options in your `gpg.conf` file. We recommend staying with the standard options specified in the [GnuPG user FAQ](https://gnupg.org/faq/gnupg-faq.html#new_user_gpg_conf).
diff --git a/i18n/zh/file-sharing.md b/i18n/zh/file-sharing.md
index aa2c614f..18bf0a3b 100644
--- a/i18n/zh/file-sharing.md
+++ b/i18n/zh/file-sharing.md
@@ -5,6 +5,10 @@ description: Discover how to privately share your files between your devices, wi
cover: file-sharing.webp
---
+Protects against the following threat(s):
+
+- [:material-server-network: 服务提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
## 文件共享
@@ -39,7 +43,7 @@ ffsend upload --host https://send.vis.ee/ FILE
{ align=right }
-**OnionShare** is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
+**OnionShare** is an open-source tool that lets you securely and [:material-incognito: anonymously](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.
[:octicons-home-16: Homepage](https://onionshare.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion){ .card-link title="Onion Service" }
@@ -57,6 +61,8 @@ ffsend upload --host https://send.vis.ee/ FILE
+OnionShare provides the option to connect via [Tor bridges](https://docs.onionshare.org/2.6.2/en/tor.html#automatic-censorship-circumvention) to circumvent [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}.
+
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
diff --git a/i18n/zh/language-tools.md b/i18n/zh/language-tools.md
index 1f6f756c..b69f9ff1 100644
--- a/i18n/zh/language-tools.md
+++ b/i18n/zh/language-tools.md
@@ -5,6 +5,13 @@ description: These language tools do not send your input text to a server and ca
cover: language-tools.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
+- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+- [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }
+
Text inputted to grammar, spelling, and style checkers, as well as translation services, can contain sensitive information which may be stored on their servers for an indefinite amount of time. The language tools listed on this page do not send your submitted text to a server, and can be self-hosted and used offline for maximum control of your data.
## LanguageTool
diff --git a/i18n/zh/mobile-browsers.md b/i18n/zh/mobile-browsers.md
index 8b3b3a52..e60f82ac 100644
--- a/i18n/zh/mobile-browsers.md
+++ b/i18n/zh/mobile-browsers.md
@@ -37,6 +37,10 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-account-cash: 监视资本主义](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. 如果您需要匿名浏览互联网,则应使用 [Tor](tor.md) 。
## 安卓
diff --git a/i18n/zh/mobile-phones.md b/i18n/zh/mobile-phones.md
index 0b93c079..acd2be3f 100644
--- a/i18n/zh/mobile-phones.md
+++ b/i18n/zh/mobile-phones.md
@@ -23,6 +23,11 @@ schema:
name: Privacy Guides
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
Most **mobile phones** receive short or limited windows of security updates from OEMs; after these devices reach the end of their support period, they **cannot** be considered secure as they no longer receive firmware or driver security updates.
The mobile devices listed here provide a long lifespan of guaranteed security updates and allow you to install a custom operating system without violating the Android security model.
diff --git a/i18n/zh/multi-factor-authentication.md b/i18n/zh/multi-factor-authentication.md
index fdc94728..37c27507 100644
--- a/i18n/zh/multi-factor-authentication.md
+++ b/i18n/zh/multi-factor-authentication.md
@@ -5,6 +5,10 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: 定向攻击](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+
Hardware Keys
diff --git a/i18n/zh/notebooks.md b/i18n/zh/notebooks.md
index d450ba8b..699e8b48 100644
--- a/i18n/zh/notebooks.md
+++ b/i18n/zh/notebooks.md
@@ -5,6 +5,10 @@ description: These encrypted note-taking apps let you keep track of your notes w
cover: notebooks.webp
---
+
Protects against the following threat(s):
+
+- [:material-server-network: 服务提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
Keep track of your notes and journalings without giving them to a third-party.
If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports E2EE.
diff --git a/i18n/zh/os/ios-overview.md b/i18n/zh/os/ios-overview.md
index 7a9caea5..f8fd999f 100644
--- a/i18n/zh/os/ios-overview.md
+++ b/i18n/zh/os/ios-overview.md
@@ -42,7 +42,7 @@ You can also protect your data by limiting what you sync to iCloud in the first
A paid **iCloud+** subscription (with any iCloud storage plan) comes with some privacy-protecting functionality. While these may provide adequate service for current iCloud customers, we wouldn't recommend purchasing an iCloud+ plan over a [VPN](../vpn.md) and [standalone email aliasing service](../email-aliasing.md) just for these features alone.
-**Private Relay** is a proxy service which relays your Safari traffic through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a full VPN, Private Relay does not protect traffic from your apps outside of Safari.
+[**Private Relay**](https://apple.com/legal/privacy/data/en/icloud-relay) is a proxy service which relays all of your Safari traffic, your DNS queries, and unencrypted traffic on your device through two servers: one owned by Apple and one owned by a third-party provider (including Akamai, Cloudflare, and Fastly). In theory this should prevent any single provider in the chain—including Apple—from having full visibility into which websites you visit while connected. Unlike a VPN, Private Relay does not protect traffic that's already encrypted.
**Hide My Email** is Apple's email aliasing service. You can create an email aliases for free when you *Sign In With Apple* on a website or app, or generate unlimited aliases on demand with a paid iCloud+ plan. Hide My Email has the advantage of using the `@icloud.com` domain for its aliases, which may be less likely to be blocked compared to other email aliasing services, but does not offer functionality offered by standalone services such as automatic PGP encryption or multiple mailbox support.
diff --git a/i18n/zh/passwords.md b/i18n/zh/passwords.md
index aaff7fb3..3b50ef92 100644
--- a/i18n/zh/passwords.md
+++ b/i18n/zh/passwords.md
@@ -132,6 +132,12 @@ schema:
url: "./"
---
+
Protects against the following threat(s):
+
+- [:material-target-account: 定向攻击](basics/common-threats.md#attacks-against-specific-individuals ""){.pg-red}
+- [:material-bug-outline: 被动攻击](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 服务提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+
**Password managers** allow you to securely store and manage passwords and other credentials with the use of a master password.
[Introduction to Passwords :material-arrow-right-drop-circle:](./basics/passwords-overview.md)
diff --git a/i18n/zh/photo-management.md b/i18n/zh/photo-management.md
index e1e74d24..070fac30 100644
--- a/i18n/zh/photo-management.md
+++ b/i18n/zh/photo-management.md
@@ -5,6 +5,11 @@ description: Photo management tools to keep your personal photos safe from the p
cover: photo-management.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+- [:material-server-network: Service Providers](basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+
Most cloud **photo management solutions** like Google Photos, Flickr, and Amazon Photos don't secure your photos against being accessed by the cloud storage provider themselves. These options keep your personal photos private, while allowing you to share them only with family and trusted people.
## Ente Photos
diff --git a/i18n/zh/real-time-communication.md b/i18n/zh/real-time-communication.md
index a0286f0d..4ed1f094 100644
--- a/i18n/zh/real-time-communication.md
+++ b/i18n/zh/real-time-communication.md
@@ -6,6 +6,13 @@ description: Other instant messengers make all of your private conversations ava
cover: real-time-communication.webp
---
+
Protects against the following threat(s):
+
+- [:material-bug-outline: 被动攻击](basics/common-threats.md#security-and-privacy ""){.pg-orange}
+- [:material-server-network: 服务提供商](basics/common-threats.md#privacy-from-service-providers ""){.pg-teal}
+- [:material-eye-outline: 大规模监控](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-account-cash: 监视资本主义](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+
These are our recommendations for encrypted **real-time communication**.
[通信网络的类型 :material-arrow-right-drop-circle:](./advanced/communication-network-types.md)
@@ -67,7 +74,7 @@ Signal协议在2016年被独立[审计](https://eprint.iacr.org/2016/1013.pdf)
{ align=right }
-**SimpleX** Chat 是一个去中心化的即时通讯软件,并且不依赖任何的个人识别码(电话号码,用户名等)。 SimpleX Chat的用户可以扫描二维码或着点击邀请链接参与到群组聊天。
+**SimpleX** Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. Its decentralized network makes SimpleX Chat an effective tool against [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. SimpleX Chat的用户可以扫描二维码或着点击邀请链接参与到群组聊天。
[:octicons-home-16: Homepage](https://simplex.chat){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md){ .card-link title="Privacy Policy" }
@@ -98,7 +105,7 @@ SimpleX Chat supports basic group chatting functionality, direct messaging, and
{ align=right }
-**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
+**Briar** is an encrypted instant messenger that [connects](https://briarproject.org/how-it-works) to other clients using the Tor Network, making it an effective tool at circumventing [:material-close-outline: Censorship](basics/common-threats.md#avoiding-censorship){ .pg-blue-gray }. Briar can also connect via Wi-Fi or Bluetooth when in local proximity. Briar’s local mesh mode can be useful when internet availability is a problem.
[:octicons-home-16: Homepage](https://briarproject.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://briarproject.org/privacy-policy){ .card-link title="Privacy Policy" }
diff --git a/i18n/zh/security-keys.md b/i18n/zh/security-keys.md
index fcbdaadd..b1d4f2cb 100644
--- a/i18n/zh/security-keys.md
+++ b/i18n/zh/security-keys.md
@@ -5,6 +5,11 @@ description: These tools assist you with securing your internet accounts with Mu
cover: multi-factor-authentication.webp
---
+
Protects against the following threat(s):
+
+- [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
+- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
+
A physical **security key** adds a very strong layer of protection to your online accounts. Compared to [authenticator apps](multi-factor-authentication.md), the FIDO2 security key protocol is immune to phishing, and cannot be compromised without physical possession of the key itself. Many services support FIDO2/WebAuthn as a multi-factor authentication option for securing your account, and some services allow you to use a security key as a strong single-factor authenticator with passwordless authentication.
## Yubico Security Key
diff --git a/i18n/zh/tools.md b/i18n/zh/tools.md
index 36721fdb..fbd7f686 100644
--- a/i18n/zh/tools.md
+++ b/i18n/zh/tools.md
@@ -31,6 +31,15 @@ If you want assistance figuring out the best privacy tools and alternative progr
+
+
Threat Model Labels
+
+You may find any of the following icons on some of the recommendation pages:
:material-incognito: :material-target-account: :material-package-variant-closed-remove: :material-bug-outline: :material-server-network: :material-eye-outline: :material-account-cash: :material-account-search: :material-close-outline:
+
+We are testing a new feature that allows readers to better identify and understand the kinds of threats that privacy tools best defend against. Let us know what you think about this feature by replying to this dedicated forum [thread](https://discuss.privacyguides.net/t/implement-threat-model-labels/18659)!
+
+
+
## Private Web Browsers
diff --git a/i18n/zh/tor.md b/i18n/zh/tor.md
index e3024289..3a54eeee 100644
--- a/i18n/zh/tor.md
+++ b/i18n/zh/tor.md
@@ -23,6 +23,12 @@ schema:
url: "./"
---
+Protects against the following threat(s):
+
+- [:material-account-cash: 监视资本主义](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
+- [:material-eye-outline: 大规模监控](basics/common-threats.md#mass-surveillance-programs ""){.pg-blue}
+- [:material-close-outline: 审查](basics/common-threats.md#avoiding-censorship ""){.pg-blue-gray}
+
**Tor** is a group of volunteer-operated servers that allows you to connect for free and improve your privacy and security on the Internet. 个人和组织也可以通过Tor网络与".onion隐藏服务"分享信息,而不损害其隐私。 由于Tor流量难以阻止和跟踪,因此Tor是一种有效的审查规避工具。
[详细的Tor概述 :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
@@ -34,11 +40,11 @@ Before connecting to Tor, please ensure you've read our [overview](advanced/tor-
-有多种方法可以从您的设备连接到Tor网络,最常用的是 **Tor浏览器**,这是Firefox的一个分支,专为桌面计算机和Android的匿名浏览而设计。
+There are a variety of ways to connect to the Tor network from your device, the most commonly used being the **Tor Browser**, a fork of Firefox designed for [:material-incognito: anonymous](basics/common-threats.md#anonymity-vs-privacy ""){.pg-purple} browsing for desktop computers and Android.
Some of these apps are better than others, and again making a determination comes down to your threat model. If you are a casual Tor user who is not worried about your ISP collecting evidence against you, using apps like [Orbot](#orbot) or mobile browser apps to access the Tor network is probably fine. Increasing the number of people who use Tor on an everyday basis helps reduce the bad stigma of Tor, and lowers the quality of "lists of Tor users" that ISPs and governments may compile.
-If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against deanonymization.
+If more complete anonymity is paramount to your situation, you should **only** be using the desktop Tor Browser client, ideally in a [Whonix](desktop.md#whonix) + [Qubes](desktop.md#qubes-os) configuration. Mobile browsers are less common on Tor (and more fingerprintable as a result), and other configurations are not as rigorously tested against de-anonymization.
## Tor浏览器
diff --git a/i18n/zh/vpn.md b/i18n/zh/vpn.md
index e5d3a757..4d4e8e14 100644
--- a/i18n/zh/vpn.md
+++ b/i18n/zh/vpn.md
@@ -10,7 +10,9 @@ global:
- "table tbody"
---
-
+
Protects against the following threat(s):
+
+- [:material-account-cash: 监视资本主义](basics/common-threats.md#surveillance-as-a-business-model ""){.pg-brown}
If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.