diff --git a/i18n/ar/os/android-overview.md b/i18n/ar/os/android-overview.md index a78631a2..d0c88ecb 100644 --- a/i18n/ar/os/android-overview.md +++ b/i18n/ar/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/bn/os/android-overview.md b/i18n/bn/os/android-overview.md index 4eefe344..e83a357a 100644 --- a/i18n/bn/os/android-overview.md +++ b/i18n/bn/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/cs/os/android-overview.md b/i18n/cs/os/android-overview.md index a78631a2..d0c88ecb 100644 --- a/i18n/cs/os/android-overview.md +++ b/i18n/cs/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/de/os/android-overview.md b/i18n/de/os/android-overview.md index a78631a2..d0c88ecb 100644 --- a/i18n/de/os/android-overview.md +++ b/i18n/de/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/el/os/android-overview.md b/i18n/el/os/android-overview.md index a78631a2..d0c88ecb 100644 --- a/i18n/el/os/android-overview.md +++ b/i18n/el/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/eo/os/android-overview.md b/i18n/eo/os/android-overview.md index a78631a2..d0c88ecb 100644 --- a/i18n/eo/os/android-overview.md +++ b/i18n/eo/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/es/os/android-overview.md b/i18n/es/os/android-overview.md index 9f5e4bdb..45acfa96 100644 --- a/i18n/es/os/android-overview.md +++ b/i18n/es/os/android-overview.md @@ -107,7 +107,7 @@ Con los perfiles de usuario, puedes imponer restricciones a un perfil específic Los [perfiles de trabajo](https://support.google.com/work/android/answer/6191949) son otra manera de aislar aplicaciones individuales y pueden ser más convenientes que usar perfiles de usuario separados. -Se requiere una aplicación de **controlador de dispositivo** como [Shelter](#recommended-apps) para crear un perfil de trabajo sin una MDM empresarial, a menos que estés utilizando un sistema operativo Android personalizado que incluya uno. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. El perfil de trabajo depende de un controlador de dispositivo para funcionar. Características como el *transbordador de archivos* y el *bloqueo de búsqueda de contactos* o cualquier tipo de característica de aislamiento debe ser implementada por el controlador. También debes confiar plenamente en la aplicación del controlador del dispositivo, ya que tiene acceso completo a tus datos dentro del perfil de trabajo. diff --git a/i18n/fa/os/android-overview.md b/i18n/fa/os/android-overview.md index a78631a2..d0c88ecb 100644 --- a/i18n/fa/os/android-overview.md +++ b/i18n/fa/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/fr/android.md b/i18n/fr/android.md index be3baa50..d9d5351b 100644 --- a/i18n/fr/android.md +++ b/i18n/fr/android.md @@ -131,12 +131,12 @@ Les téléphones Google Pixel sont les seuls appareils qui répondent actuelleme **DivestOS** est un léger dérivé de [LineageOS](https://lineageos.org/). DivestOS hérite de nombreux [appareils pris en charge](https://divestos.org/index.php?page=devices&base=LineageOS) de LineageOS. Il a des versions signées, ce qui permet d'avoir un [démarrage vérifié](https://source.android.com/security/verifiedboot) sur certains appareils autres que des Pixel. - [:octicons-home-16: Homepage](https://divestos.org){ .md-button .md-button--primary } - [:simple-torbrowser:](http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion){ .card-link title="Onion Service" } - [:octicons-eye-16:](https://divestos.org/index.php?page=privacy_policy){ .card-link title="Privacy Policy" } + [:octicons-home-16: Page d'accueil](https://divestos.org){ .md-button .md-button--primary } + [:simple-torbrowser:](http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion){ .card-link title="Service onion" } + [:octicons-eye-16:](https://divestos.org/index.php?page=privacy_policy){ .card-link title="Politique de confidentialité" } [:octicons-info-16:](https://divestos.org/index.php?page=faq){ .card-link title=Documentation} - [:octicons-code-16:](https://github.com/divested-mobile){ .card-link title="Source Code" } - [:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute } + [:octicons-code-16:](https://github.com/divested-mobile){ .card-link title="Code source" } + [:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribuer } DivestOS a une [correction](https://gitlab.com/divested-mobile/cve_checker) automatique des vulnérabilités de noyau ([CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures)), moins de blobs propriétaires, et un fichier [hosts](https://divested.dev/index.php?page=dnsbl) personnalisé. Sa WebView renforcée, [Mulch](https://gitlab.com/divested-mobile/mulch), permet [CFI](https://en.wikipedia.org/wiki/Control-flow_integrity) pour toutes les architectures et [un partitionnement de l'état du réseau](https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning), et reçoit des mises à jour hors bande. DivestOS inclut également les correctifs de noyau de GrapheneOS et active toutes les fonctions de sécurité de noyau disponibles via le [renforcement defconfig](https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L758). Tous les noyaux plus récents que la version 3.4 incluent une [désinfection](https://lwn.net/Articles/334747/) complète de la page et tous les ~22 noyaux compilés par Clang ont [`-ftrivial-auto-var-init=zero`](https://reviews.llvm.org/D54604?id=174471) activé. diff --git a/i18n/fr/cryptocurrency.md b/i18n/fr/cryptocurrency.md index d09a4d1a..203d7cb0 100644 --- a/i18n/fr/cryptocurrency.md +++ b/i18n/fr/cryptocurrency.md @@ -38,7 +38,7 @@ Pour une confidentialité optimale, assurez-vous d'utiliser un portefeuille sans Pour une confidentialité maximale (même avec un portefeuille sans garde), vous devriez utiliser votre propre nœud Monero. L'utilisation du nœud d'une autre personne expose certaines informations, telles que l'adresse IP à partir de laquelle vous vous connectez, les heures auxquelles vous synchronisez votre portefeuille et les transactions que vous envoyez à partir de votre portefeuille (mais pas d'autres détails sur ces transactions). Vous pouvez également vous connecter au nœud Monero de quelqu'un d'autre via Tor ou i2p. -In August 2021, CipherTrace [announced](https://ciphertrace.com/enhanced-monero-tracing/) enhanced Monero tracing capabilities for government agencies. Des publications publiques montrent que le Financial Crimes Enforcement Network du département du Trésor américain [a accordé une licence à](https://sam.gov/opp/d12cbe9afbb94ca68006d0f006d355ac/view) CipherTrace pour son "module Monero" à la fin de l'année 2022. +En août 2021, CipherTrace [a annoncé](https://ciphertrace.com/enhanced-monero-tracing/) des capacités de traçage de Monero améliorées pour les agences gouvernementales. Des publications publiques montrent que le Financial Crimes Enforcement Network du département du Trésor américain [a accordé une licence à](https://sam.gov/opp/d12cbe9afbb94ca68006d0f006d355ac/view) CipherTrace pour son "module Monero" à la fin de l'année 2022. La confidentialité du graphe des transactions Monero est limitée par son cercle de signatures relativement petit, en particulier contre les attaques ciblées. Les caractéristiques de confidentialité de Monero ont également été [remises en question](https://web.archive.org/web/20180331203053/https://www.wired.com/story/monero-privacy/) par certains chercheurs en sécurité, et un certain nombre de vulnérabilités graves ont été trouvées et corrigées dans le passé, de sorte que les affirmations faites par des organisations comme CipherTrace ne sont pas hors de question. S'il est peu probable qu'il existe des outils de surveillance de masse de Monero comme il en existe pour le Bitcoin et d'autres, il est certain que les outils de traçage facilitent les enquêtes ciblées. diff --git a/i18n/fr/news-aggregators.md b/i18n/fr/news-aggregators.md index 6bdeee4d..e1dc6536 100644 --- a/i18n/fr/news-aggregators.md +++ b/i18n/fr/news-aggregators.md @@ -101,10 +101,10 @@ Un [agrégateur d'actualités](https://en.wikipedia.org/wiki/News_aggregator) es **NetNewsWire** est un lecteur de flux gratuit et open-source pour macOS et iOS qui met l'accent sur un design et des fonctionnalités natives. Il prend en charge les formats de flux habituels, ainsi que les flux Reddit. - [:octicons-home-16: Homepage](https://netnewswire.com/){ .md-button .md-button--primary } - [:octicons-eye-16:](https://netnewswire.com/privacypolicy.html){ .card-link title="Privacy Policy" } + [:octicons-home-16: Page d'accueil](https://netnewswire.com/){ .md-button .md-button--primary } + [:octicons-eye-16:](https://netnewswire.com/privacypolicy.html){ .card-link title="Politique de confidentialité" } [:octicons-info-16:](https://netnewswire.com/help/){ .card-link title=Documentation} - [:octicons-code-16:](https://github.com/Ranchero-Software/NetNewsWire){ .card-link title="Source Code" } + [:octicons-code-16:](https://github.com/Ranchero-Software/NetNewsWire){ .card-link title="Code source" } ??? downloads "Téléchargements" diff --git a/i18n/fr/os/android-overview.md b/i18n/fr/os/android-overview.md index 39605b62..aa9b21a1 100644 --- a/i18n/fr/os/android-overview.md +++ b/i18n/fr/os/android-overview.md @@ -107,7 +107,7 @@ Avec les profils d'utilisateur, vous pouvez imposer des restrictions à un profi Les [Profils Professionnels](https://support.google.com/work/android/answer/6191949?hl=fr) sont une autre façon d'isoler des applications de manière individuelles et peuvent s'avérer plus pratiques que des profils d'utilisateur séparés. -Une application de **gestionnaire d'appareil** telle que [Shelter](#recommended-apps) est nécessaire pour créer un profil professionnel sans MDM d'entreprise, à moins que vous n'utilisiez un OS Android personnalisé qui en comprend une. +Une application de **gestionnaire d'appareil** telle que [Shelter](../android.md#shelter) est nécessaire pour créer un profil professionnel sans MDM d'entreprise, à moins que vous n'utilisiez un système d'exploitation Android personnalisé qui en comprend une. Le profil professionnel dépend d'un gestionnaire d'appareil pour fonctionner. Les fonctionnalités telles que la *Navigation de Fichiers* et le *blocage de la recherche de contacts* ou tout autre type de fonctionnalités d'isolation doivent être implémentées par le gestionnaire. Vous devez également faire entièrement confiance à l'application de gestionnaire d'appareil, car elle a un accès total à vos données au sein du profil professionnel. diff --git a/i18n/he/os/android-overview.md b/i18n/he/os/android-overview.md index bb64f1d7..5e9e1e76 100644 --- a/i18n/he/os/android-overview.md +++ b/i18n/he/os/android-overview.md @@ -107,7 +107,7 @@ Fairphone, למשל, משווקת את המכשירים שלהם כמקבלים [פרופילי עבודה](https://support.google.com/work/android/answer/6191949) הם דרך נוספת לבודד אפליקציות בודדות ועשויה להיות נוחה יותר מפרופילי משתמשים נפרדים. -נדרשת אפליקציית **בקר מכשיר** כגון [Shelter](#recommended-apps) כדי ליצור פרופיל עבודה ללא MDM ארגוני, אלא אם אתה משתמש במערכת הפעלה אנדרואיד מותאמת אישית הכוללת אחת. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. פרופיל העבודה תלוי בבקר התקן כדי לתפקד. תכונות כגון *מעבורת קבצים* ו*חסימת חיפוש אנשי קשר* או כל סוג של תכונות בידוד חייבות להיות מיושמות על ידי הבקר. עליך גם לסמוך באופן מלא על אפליקציית בקר המכשיר, מכיוון שיש לה גישה מלאה לנתונים שלך בתוך פרופיל העבודה. diff --git a/i18n/hi/os/android-overview.md b/i18n/hi/os/android-overview.md index a78631a2..d0c88ecb 100644 --- a/i18n/hi/os/android-overview.md +++ b/i18n/hi/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/hu/os/android-overview.md b/i18n/hu/os/android-overview.md index 91645643..bf371f8d 100644 --- a/i18n/hu/os/android-overview.md +++ b/i18n/hu/os/android-overview.md @@ -107,7 +107,7 @@ A felhasználói profilok segítségével korlátozásokat szabhatsz meg egy ado [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/id/os/android-overview.md b/i18n/id/os/android-overview.md index c029c0a5..d6dd7386 100644 --- a/i18n/id/os/android-overview.md +++ b/i18n/id/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/it/advanced/payments.md b/i18n/it/advanced/payments.md index 98aaf751..b4d0561f 100644 --- a/i18n/it/advanced/payments.md +++ b/i18n/it/advanced/payments.md @@ -65,7 +65,7 @@ La maggior parte delle criptovalute utilizza una blockchain pubblica, il che sig Le transazioni anonime su una blockchain pubblica sono *teoricamente* possibili, e la wiki di Bitcoin [fornisce un esempio di transazione "completamente anonima"](https://en.bitcoin.it/wiki/Privacy#Example_-_A_perfectly_private_donation). Tuttavia, per farlo è necessaria una configurazione complicata che coinvolge Tor e il "solo-mining" di un blocco per generare criptovalute completamente indipendenti, una pratica che non è stata praticata da quasi nessun appassionato per molti anni. -== La scelta migliore è quella di evitare del tutto queste criptovalute e di scegliere una che garantisca la privacy di default.== l'utilizzo di altre criptovalute non rientra nell'ambito di questo sito ed è fortemente sconsigliato. +==La scelta migliore è quella di evitare del tutto queste criptovalute e di scegliere una che garantisca la privacy di default.== l'utilizzo di altre criptovalute non rientra nell'ambito di questo sito ed è fortemente sconsigliato. ### Custodia portafoglio diff --git a/i18n/it/android.md b/i18n/it/android.md index d590958e..b0d9f2dd 100644 --- a/i18n/it/android.md +++ b/i18n/it/android.md @@ -129,7 +129,7 @@ I telefoni Google Pixel sono gli unici dispositivi che attualmente soddisfano i ![DivestOS logo](assets/img/android/divestos.svg){ align=right } **DivestOS** è un soft-fork di [LineageOS](https://lineageos.org/). - DivestOS eredita molti [dispositivi supportati] (https://divestos.org/index.php?page=devices&base=LineageOS) da LineageOS. Fornisce build firmate, che consentono di avere [verified boot](https://source.android.com/security/verifiedboot) su alcuni dispositivi non-Pixel. + DivestOS eredita molti [dispositivi supportati](https://divestos.org/index.php?page=devices&base=LineageOS) da LineageOS. Fornisce build firmate, che consentono di avere [verified boot](https://source.android.com/security/verifiedboot) su alcuni dispositivi non-Pixel. [:octicons-home-16: Pagina principale](https://divestos.org){ .md-button .md-button--primary } [:simple-torbrowser:](http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion){ .card-link title="Servizi Onion" } @@ -211,7 +211,7 @@ In questo sito raccomandiamo un'ampia gamma di applicazioni per Android. Le app !!! warning "Attenzione" - Shelter è consigliato rispetto a [Insular](https://secure-system.gitlab.io/Insular/) e [Island](https://github.com/oasisfeng/island) perché supporta il [blocco della ricerca dei contatti] (https://secure-system.gitlab.io/Insular/faq.html). + Shelter è consigliato rispetto a [Insular](https://secure-system.gitlab.io/Insular/) e [Island](https://github.com/oasisfeng/island) perché supporta il [blocco della ricerca dei contatti](https://secure-system.gitlab.io/Insular/faq.html). Utilizzando Shelter, l'utente si affida completamente al suo sviluppatore, in quanto Shelter agisce come [amministratore del dispositivo](https://developer.android.com/guide/topics/admin/device-admin) per creare il profilo di lavoro e ha ampio accesso ai dati memorizzati all'interno del profilo di lavoro. @@ -379,7 +379,7 @@ Se scarichi i file APK da installare manualmente, è possibile verificarne la fi ![Logo di F-Droid](assets/img/android/f-droid.svg){ align=right width=120px } -**Non** raccomandiamo attualmente F-Droid come metodo per ottenere applicazioni.== F-Droid è spesso consigliato come alternativa a Google Play, in particolare nelle comunità sulla privacy. La possibilità di aggiungere repository di terze parti e di non essere confinati nel giardino recintato di Google ne ha determinato la popolarità. F-Droid ha inoltre [build riproducibili](https://f-droid.org/en/docs/Reproducible_Builds/) per alcune applicazioni ed è dedicato al software libero e open-source. Tuttavia, ci sono [problemi notevoli](https://privsec.dev/posts/android/f-droid-security-issues/) con il client ufficiale F-Droid, il loro controllo di qualità e il modo in cui costruiscono, firmano e pubblicano i pacchetti. +==**Non** raccomandiamo attualmente F-Droid come metodo per ottenere applicazioni.== F-Droid è spesso consigliato come alternativa a Google Play, in particolare nelle comunità sulla privacy. La possibilità di aggiungere repository di terze parti e di non essere confinati nel giardino recintato di Google ne ha determinato la popolarità. F-Droid ha inoltre [build riproducibili](https://f-droid.org/en/docs/Reproducible_Builds/) per alcune applicazioni ed è dedicato al software libero e open-source. Tuttavia, ci sono [problemi notevoli](https://privsec.dev/posts/android/f-droid-security-issues/) con il client ufficiale F-Droid, il loro controllo di qualità e il modo in cui costruiscono, firmano e pubblicano i pacchetti. A causa del processo di costruzione delle app, le applicazioni presenti nel repository ufficiale di F-Droid sono spesso in ritardo con gli aggiornamenti. Inoltre i manutentori di F-Droid riutilizzano gli ID dei pacchetti mentre firmano le app con le proprie chiavi, il che non è l'ideale perché conferisce al team di F-Droid la massima fiducia. diff --git a/i18n/it/basics/account-deletion.md b/i18n/it/basics/account-deletion.md index 1c95855f..b11b255b 100644 --- a/i18n/it/basics/account-deletion.md +++ b/i18n/it/basics/account-deletion.md @@ -51,7 +51,7 @@ Per l'e-mail dell'account, o create un nuovo account e-mail utilizzando il vostr È possibile consultare [JustDeleteMe](https://justdeleteme.xyz) per le istruzioni sull'eliminazione dell'account per un servizio specifico. Alcuni siti offrono fortunatamente l'opzione "Elimina account", mentre altri si spingono fino a costringervi a parlare con un agente di supporto. Il processo di cancellazione può variare da un sito all'altro, e in alcuni casi la cancellazione dell'account sarà impossibile. -Per i servizi che non permettono l'eliminazione dell'account, la cosa migliore da fare è quella di falsificare tutte le informazioni (come detto in precedenza) e di rafforzare la sicurezza dell'account. Per fare ciò, abilita [MFA](multi-factor-authentication.md) e qualsiasi altra funzionalità che il sito offre. Inoltre, cambia la password con una generata casualmente che sia della lunghezza massima consentita (un [gestore di password](../passwords.md)può esserti utile per questo). +Per i servizi che non permettono l'eliminazione dell'account, la cosa migliore da fare è quella di falsificare tutte le informazioni (come detto in precedenza) e di rafforzare la sicurezza dell'account. Per fare ciò, abilita [MFA](multi-factor-authentication.md) e qualsiasi altra funzionalità che il sito offre. Inoltre, cambia la password con una generata casualmente che sia della lunghezza massima consentita (un [gestore di password](../passwords.md) può esserti utile per questo). Se siete soddisfatti che tutte le informazioni che vi interessano siano state rimosse, potete tranquillamente dimenticarvi di questo account. In caso contrario, potrebbe essere una buona idea quella di conservare le credenziali insieme alle altre password e di tanto in tanto effettuare un nuovo accesso per reimpostare la password. diff --git a/i18n/it/basics/passwords-overview.md b/i18n/it/basics/passwords-overview.md index aad2bdfe..ac7e6759 100644 --- a/i18n/it/basics/passwords-overview.md +++ b/i18n/it/basics/passwords-overview.md @@ -16,7 +16,7 @@ Questo fenomeno è chiamato [credential stuffing](https://en.wikipedia.org/wiki/ ### Usa password generate randomicamente -== Non dovresti **mai** affidarti a te stesso per creare un'ottima password.== Consigliamo di utilizzare [password generate randomicamente](#passwords) o [passphrase di tipo diceware](#diceware-passphrases) con un'entropia sufficiente a proteggere i tuoi account e dispositivi. +==Non dovresti **mai** affidarti a te stesso per creare un'ottima password.== Consigliamo di utilizzare [password generate randomicamente](#passwords) o [passphrase di tipo diceware](#diceware-passphrases) con un'entropia sufficiente a proteggere i tuoi account e dispositivi. Tutti i nostri [gestori di password consigliati](../passwords.md) includono un generatore di password integrato che puoi utilizzare. @@ -26,7 +26,7 @@ Dovresti evitare di cambiare troppo spesso le password che necessitano di essere Per quanto riguarda le password che non devi ricordare (come quelle memorizzate all'interno del vostro gestore di password), se la vostra [ modellazione delle minacce](threat-modeling.md) lo richiede, vi consigliamo di controllare gli account importanti (soprattutto quelli che non utilizzano l'autenticazione a più fattori) e di cambiare la loro password almeno ogni due mesi, nel caso in cui siano stati compromessi in una violazione dei dati non ancora resa pubblica. La maggior parte dei gestori di password ti consente d'impostare una data di scadenza per le tue password cosi da gestirle più facilmente. -!!! consiglio "Controlla le violazioni dei dati" +!!! tip "Controlla le violazioni dei dati" Se il tuo gestore di password permette di verificare la presenza di password compromesse, assicurati di controllare le vostre password e di cambiare immediatamente qualsiasi password che potrebbe essere stata esposta in una violazione dei dati. In alternativa, puoi seguire il feed di [Have I Been Pwned's Latest Breaches](https://feeds.feedburner.com/HaveIBeenPwnedLatestBreaches) con l'aiuto di un [aggregatore di notizie](../news-aggregators.md). @@ -60,7 +60,7 @@ Per generare una passfrase diceware utilizzando un vero dado, segui questi passa 4. Ripeti questa procedura finché la vostra passfrase non avrà il numero di parole necessario, che dovrete separare con uno spazio. -!!! avviso "Importante" +!!! warning "Importante" **Non** dovresti rigenerare le parole affinché non ottieni una combinazione di parole che ti attragga. Il processo dovrebbe essere effettuato randomicamente. diff --git a/i18n/it/basics/threat-modeling.md b/i18n/it/basics/threat-modeling.md index 845f8bb0..caef676d 100644 --- a/i18n/it/basics/threat-modeling.md +++ b/i18n/it/basics/threat-modeling.md @@ -53,7 +53,7 @@ La valutazione dei rischi è un processo personale e soggettivo. Molte persone t Ci sono molti modi in cui un avversario può accedere ai tuoi dati. Per esempio, un avversario può leggere le tue comunicazioni private mentre attraversano la rete, o può eliminare o corrompere i tuoi dati. -== Le motivazioni degli avversari sono molto diverse, così come le loro tattiche.== Un governo che cerca di impedire la diffusione di un video che mostra la violenza della polizia può accontentarsi di cancellare o ridurre la disponibilità di quel video. Al contrario, un avversario politico può desiderare di accedere a contenuti segreti e pubblicarli all'insaputa dell'interessato. +==Le motivazioni degli avversari sono molto diverse, così come le loro tattiche.== Un governo che cerca di impedire la diffusione di un video che mostra la violenza della polizia può accontentarsi di cancellare o ridurre la disponibilità di quel video. Al contrario, un avversario politico può desiderare di accedere a contenuti segreti e pubblicarli all'insaputa dell'interessato. La pianificazione della sicurezza comporta la comprensione di quanto catastrofiche possono essere le conseguenze se un avversario riesce a impossessarsi di uno dei tuoi asset. Per determinare ciò, dovresti prendere in considerazione la capacità del tuo avversario. Ad esempio, il tuo operatore di telefonia mobile ha accesso a tutti i tuoi record telefonici. Un hacker su una rete Wi-Fi aperta può accedere alle tue comunicazioni non criptate. Il tuo governo potrebbe avere capacità maggiori. @@ -61,7 +61,7 @@ La pianificazione della sicurezza comporta la comprensione di quanto catastrofic ### Quanti problemi sono disposto ad affrontare per tentare di prevenire le potenziali conseguenze? -== Non esiste un'opzione perfetta per la sicurezza.== Non tutti hanno le stesse priorità, preoccupazioni o accesso alle risorse. La valutazione dei rischi consentirà di pianificare la giusta strategia per te, bilanciando convenienza, costi e privacy. +==Non esiste un'opzione perfetta per la sicurezza.== Non tutti hanno le stesse priorità, preoccupazioni o accesso alle risorse. La valutazione dei rischi consentirà di pianificare la giusta strategia per te, bilanciando convenienza, costi e privacy. Per esempio, un avvocato che rappresenta un cliente in un caso di sicurezza nazionale potrebbe essere disposto a prendere più provvedimenti per proteggere le comunicazioni relative al caso, come ad esempio usando mail criptate, rispetto ad una madre che manda regolarmente email alla figlia con video divertenti di gattini. diff --git a/i18n/it/desktop-browsers.md b/i18n/it/desktop-browsers.md index 518bb865..a6403f48 100644 --- a/i18n/it/desktop-browsers.md +++ b/i18n/it/desktop-browsers.md @@ -262,7 +262,7 @@ Le funzionalità di Shields possono essere ridotte per ogni sito se necessario; - [x] Seleziona **Utilizza sempre connessioni sicure** nel menu **Sicurezza** - [ ] Disabilita **Finestra in Incognito con Tor** (1) - !!! Suggerimento "Pulizia alla chiusura" + !!! tip "Pulizia alla chiusura" - [x] Selezionare **Cancella i cookie e i dati del sito alla chiusura di tutte le finestre** nel menu *Cookies e altri dati del sito* diff --git a/i18n/it/dns.md b/i18n/it/dns.md index 4c318df4..ac92265e 100644 --- a/i18n/it/dns.md +++ b/i18n/it/dns.md @@ -51,7 +51,7 @@ Apple non fornisce un'interfaccia nativa per la creazione di profili DNS cifrati !!! info - `systemd-resolved', che molte distribuzioni Linux usano per fare le ricerche DNS, non supporta ancora [DoH](https://github.com/systemd/systemd/issues/8639). Se vuoi usare DoH, è necessario installare un proxy come [dnscrypt-proxy](https://github.com/DNSCrypt/dnscrypt-proxy) e [configurarlo] (https://wiki.archlinux.org/title/Dnscrypt-proxy) per prendere tutte le query DNS dal resolver di sistema e inoltrarle tramite HTTPS. + `systemd-resolved`, che molte distribuzioni Linux usano per fare le ricerche DNS, non supporta ancora [DoH](https://github.com/systemd/systemd/issues/8639). Se vuoi usare DoH, è necessario installare un proxy come [dnscrypt-proxy](https://github.com/DNSCrypt/dnscrypt-proxy) e [configurarlo] (https://wiki.archlinux.org/title/Dnscrypt-proxy) per prendere tutte le query DNS dal resolver di sistema e inoltrarle tramite HTTPS. ## Proxy DNS criptati diff --git a/i18n/it/email-clients.md b/i18n/it/email-clients.md index e909abff..e4128c3a 100644 --- a/i18n/it/email-clients.md +++ b/i18n/it/email-clients.md @@ -156,9 +156,7 @@ Canary Mail è closed-source. Lo consigliamo a causa della scarsa scelta di clie !!! warning "Attenzione" - ![Kontact logo](assets/img/email-clients/kontact.svg){ align=right } - - **Kontact** è un'applicazione di gestione delle informazioni personali (PIM, personal information manager) del progetto [KDE](https://kde.org). Offre un client di posta, una rubrica, un'agenda e un client RSS. + Quando si risponde a qualcuno di una mailing list, l'opzione "rispondi" può includere anche la mailing list. Per maggiori informazioni visita le loro (https://github.com/thundernest/k-9/issues/3738). ### Kontact (KDE) diff --git a/i18n/it/financial-services.md b/i18n/it/financial-services.md index 67012ca1..0c446d04 100644 --- a/i18n/it/financial-services.md +++ b/i18n/it/financial-services.md @@ -12,7 +12,7 @@ Effettuare pagamenti online è una delle maggiori sfide per la privacy. Questi s Esistono diversi servizi che forniscono "carte di debito virtuali" che si possono utilizzare con i negozi online senza rivelare i propri dati bancari o di fatturazione nella maggior parte dei casi. È importante sapere che questi servizi finanziari **non** sono anonimi e sono soggetti alle leggi "Know Your Customer" (KYC) e possono richiedere un documento d'identità o altre informazioni identificative. Questi servizi sono utili soprattutto per proteggere l'utente dalle violazioni dei dati dei negozi, dal tracciamento meno sofisticato o dalla correlazione degli acquisti da parte delle agenzie di marketing e dal furto di dati online; e **non** per effettuare un acquisto in modo completamente anonimo. -!!! consiglio "Controlla la tua banca" +!!! tip "Controlla la tua banca" Molte banche e fornitori di carte di credito offrono una funzionalità nativa di carte virtuali. Se sei cliente di una banca che offre già questa opzione, è preferibile usarla rispetto a questi altri servizi consigliati. In questo modo non affidate i vostri dati personali a più soggetti. diff --git a/i18n/it/mobile-browsers.md b/i18n/it/mobile-browsers.md index 73cbb3a9..692450a1 100644 --- a/i18n/it/mobile-browsers.md +++ b/i18n/it/mobile-browsers.md @@ -82,7 +82,7 @@ Le funzionalità di Shields possono essere ridotte per ogni sito se necessario; - [x] Seleziona **Aggressivo** sotto Blocca tracker & pubblicità -???? warning "Usa gli elenchi di filtri predefiniti" +??? warning "Usa gli elenchi di filtri predefiniti" Brave ti consente di selezionare ulteriori filtri di contenuti mediante la pagina interna `brave://adblock`. Si consiglia di non utilizzare questa funzione e di mantenere gli elenchi di filtri predefiniti. il loro utilizzo ti distingue dagli altri utenti Brave, e potrebbe inoltre aumentare la superficie di attacco se esiste un exploit nel browser sfruttabile da codice malizioso presente nelle liste stesse. - [x] Seleziona **Aggiorna le connessioni a HTTPS** diff --git a/i18n/it/news-aggregators.md b/i18n/it/news-aggregators.md index 493f4d49..6cdc643f 100644 --- a/i18n/it/news-aggregators.md +++ b/i18n/it/news-aggregators.md @@ -142,7 +142,7 @@ Alcuni social supportano anche gli RSS, ma non spesso viene citato. Reddit consente d'iscriverti ai subreddit tramite RSS. -!!! esempio +!!! example Sostituisci `nome_subreddit` con il nome del subreddit a cui desideri iscriverti. ```text diff --git a/i18n/it/notebooks.md b/i18n/it/notebooks.md index 21bfaad3..b10fad34 100644 --- a/i18n/it/notebooks.md +++ b/i18n/it/notebooks.md @@ -62,13 +62,14 @@ Joplin non supporta la protezione con password/PIN per [l'applicazione stessa o - [:simple-linux: Linux](https://standardnotes.com) - [:octicons-globe-16: Web](https://app.standardnotes.com/) -### Org-mode +### Cryptee !!! recommendation - ![Logo Org-mode](assets/img/notebooks/org-mode.svg){ align=right } + ![Logo Cryptee](./assets/img/notebooks/cryptee.svg#only-light){ align=right } + ![Logo Cryptee](./assets/img/notebooks/cryptee-dark.svg#only-dark){ align=right } - **Org-mode** è una [major mode](https://www.gnu.org/software/emacs/manual/html_node/elisp/Major-Modes.html) per GNU Emacs. Org-mode serve per prendere appunti, mantenere elenchi TODO, pianificare progetti e scrivere documenti con un sistema di testo semplice rapido ed efficace. + **Cryptee** è un editor di documenti E2EE open-source, basato sul web e un'applicazione per l'archiviazione di foto. Cryptee è una PWA, il che significa che funziona senza problemi su tutti i dispositivi moderni senza richiedere applicazioni native per ciascuna piattaforma. [:octicons-home-16: Pagina Principale](https://crypt.ee){ .md-button .md-button--primary } [:octicons-eye-16:](https://crypt.ee/privacy){ .card-link title="Politica sulla Privacy" } diff --git a/i18n/it/os/android-overview.md b/i18n/it/os/android-overview.md index 918fecd5..5701163b 100644 --- a/i18n/it/os/android-overview.md +++ b/i18n/it/os/android-overview.md @@ -107,7 +107,7 @@ Con i profili utente, è possibile imporre restrizioni a un profilo specifico, c I [Profili di lavoro](https://support.google.com/work/android/answer/6191949) sono un altro modo per isolare le singole app e può essere più comodo dei profili utente separati. -Per creare un profilo di lavoro senza un MDM aziendale è necessaria un'applicazione come **controllore del dispositivo**, come [Shelter](#recommended-apps), a meno che tu non utilizzi un sistema operativo Android modificato che ne include uno. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. Il profilo di lavoro dipende da un controllore del dispositivo per funzionare. Funzionalità come *File Shuttle* e *blocco della ricerca dei contatti* o qualsiasi tipo di funzionalità di isolamento devono essere implementate dal controllore. È inoltre necessario fidarsi completamente dell'app di controllo del dispositivo, che ha pieno accesso ai dati dell'utente all'interno del profilo di lavoro. diff --git a/i18n/ja/os/android-overview.md b/i18n/ja/os/android-overview.md index a78631a2..d0c88ecb 100644 --- a/i18n/ja/os/android-overview.md +++ b/i18n/ja/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/ko/CODE_OF_CONDUCT.md b/i18n/ko/CODE_OF_CONDUCT.md index 88a0e910..d85fbc31 100644 --- a/i18n/ko/CODE_OF_CONDUCT.md +++ b/i18n/ko/CODE_OF_CONDUCT.md @@ -1,4 +1,4 @@ -# Community Code of Conduct +# 커뮤니티 행동 강령 **We pledge** to make our community a harassment-free experience for everyone. diff --git a/i18n/ko/advanced/dns-overview.md b/i18n/ko/advanced/dns-overview.md index 8bbb1fa3..d405dfb7 100644 --- a/i18n/ko/advanced/dns-overview.md +++ b/i18n/ko/advanced/dns-overview.md @@ -131,7 +131,7 @@ DoH 네이티브 구현은 iOS 14, macOS 11, Microsoft Windows, Android 13(단, 인터넷 필터링(혹은 검열)이 존재하는 지역에서는 '차단된 정보에 접근하는 행위' 자체가 자신의 [위협 모델](../basics/threat-modeling.md)에서 고려해야 할 어떠한 결과를 초래할 수도 있습니다. Privacy Guides는 이러한 목적으로 암호화 DNS를 사용하는 것은 추천드리지 **않습니다**. 대신 [Tor](https://torproject.org)나 [VPN](../vpn.md)을 사용하세요. VPN을 사용하는 경우, 자신이 사용하는 VPN의 DNS 서버를 사용해야 합니다. VPN을 사용하는 순간부터 이미 자신의 모든 네트워크 활동을 VPN 업체에게 맡기고 있는 것이기 때문입니다. -When we do a DNS lookup, it's generally because we want to access a resource. 다음은 암호화 DNS를 사용하더라도 여러분의 인터넷 탐색 활동이 노출될 수 있는 몇 가지 경우입니다. +일반적으로 우리가 무언가에 대한 DNS 조회를 할 때는 해당 리소스에 접근하고자 하는 의도가 있습니다. 다음은 암호화 DNS를 사용하더라도 여러분의 인터넷 탐색 활동이 노출될 수 있는 몇 가지 경우입니다. @@ -201,11 +201,11 @@ SNI(Server Name Indication, 서버 이름 표시)는 주로 하나의 IP 주소 ### OCSP(온라인 인증서 상태 프로토콜) -Another way your browser can disclose your browsing activities is with the [Online Certificate Status Protocol](https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol). When visiting an HTTPS website, the browser might check to see if the website's [certificate](https://en.wikipedia.org/wiki/Public_key_certificate) has been revoked. This is generally done through the HTTP protocol, meaning it is **not** encrypted. +[OCSP](https://ko.wikipedia.org/wiki/%EC%98%A8%EB%9D%BC%EC%9D%B8_%EC%9D%B8%EC%A6%9D%EC%84%9C_%EC%83%81%ED%83%9C_%ED%94%84%EB%A1%9C%ED%86%A0%EC%BD%9C)를 통해 인터넷 탐색 활동이 노출될 가능성도 있습니다. 여러분이 HTTPS 웹사이트를 방문할 때, 브라우저는 해당 웹사이트의 [인증서](https://ko.wikipedia.org/wiki/%EA%B3%B5%EA%B0%9C_%ED%82%A4_%EC%9D%B8%EC%A6%9D%EC%84%9C)가 만료되었는지 확인합니다. 이 과정은 HTTP 프로토콜을 사용해 이루어집니다. 다시 말해, 암호화가 적용되지 **않습니다**. -The OCSP request contains the certificate "[serial number](https://en.wikipedia.org/wiki/Public_key_certificate#Common_fields)", which is unique. It is sent to the "OCSP responder" in order to check its status. +OCSP 요청에는 고유한 인증서 [일련번호](https://en.wikipedia.org/wiki/Public_key_certificate#Common_fields)가 포함되어 있습니다. 이는 인증서 상태를 확인하는 과정에서 'OCSP 응답자(Responder)'에게 전송됩니다. -We can simulate what a browser would do using the [`openssl`](https://en.wikipedia.org/wiki/OpenSSL) command. +[`openssl`](https://ko.wikipedia.org/wiki/OpenSSL) 명령어로 브라우저의 동작을 시뮬레이션할 수 있습니다. 1. 서버 인증서를 가져오고 [`sed`](https://ko.wikipedia.org/wiki/Sed_(%EC%9C%A0%ED%8B%B8%EB%A6%AC%ED%8B%B0))를 이용해 중요한 부분만 파일에 기록합니다. @@ -217,7 +217,7 @@ We can simulate what a browser would do using the [`openssl`](https://en.wikiped ``` -2. Get the intermediate certificate. [Certificate Authorities (CA)](https://en.wikipedia.org/wiki/Certificate_authority) normally don't sign a certificate directly; they use what is known as an "intermediate" certificate. +2. 중간 인증서(Intermediate Certificate)를 받습니다. [인증 기관(CA)](https://ko.wikipedia.org/wiki/%EC%9D%B8%EC%A6%9D_%EA%B8%B0%EA%B4%80)은 일반적으로 인증서에 직접 서명하지 않고 '중간 인증서'라고 불리는 것을 사용합니다. @@ -227,7 +227,7 @@ We can simulate what a browser would do using the [`openssl`](https://en.wikiped ``` -3. The first certificate in `pg_and_intermediate.cert` is actually the server certificate from step 1. We can use `sed` again to delete until the first instance of END: +3. `pg_and_intermediate.cert`의 첫 번째 인증서는 1단계에서의 서버에 대한 인증서입니다. `sed` 명령어를 다시 사용해 END가 처음 등장하는 부분까지 제거합니다. @@ -237,7 +237,7 @@ We can simulate what a browser would do using the [`openssl`](https://en.wikiped ``` -4. Get the OCSP responder for the server certificate: +4. 서버 인증서에 대한 OCSP 응답자를 얻어냅니다. @@ -246,7 +246,7 @@ We can simulate what a browser would do using the [`openssl`](https://en.wikiped ``` -Our certificate shows the Lets Encrypt certificate responder. If we want to see all the details of the certificate we can use: +인증서에서 Lets Encrypt 인증서 응답자를 확인할 수 있습니다. 인증서의 모든 세부 정보를 확인하려면 다음 명령어를 사용합니다. @@ -255,7 +255,7 @@ Our certificate shows the Lets Encrypt certificate responder. If we want to see ``` -5. Start the packet capture: +5. 패킷 캡처를 시작합니다. @@ -264,7 +264,7 @@ Our certificate shows the Lets Encrypt certificate responder. If we want to see ``` -6. Make the OCSP request: +6. OCSP 요청을 생성합니다. @@ -276,7 +276,7 @@ Our certificate shows the Lets Encrypt certificate responder. If we want to see ``` -7. Open the capture: +7. 캡처를 엽니다. @@ -285,7 +285,7 @@ Our certificate shows the Lets Encrypt certificate responder. If we want to see ``` -There will be two packets with the "OCSP" protocol: a "Request" and a "Response". For the "Request" we can see the "serial number" by expanding the triangle ▸ next to each field: +'OCSP' 프로토콜에서 'Request', 'Response'라는 두 패킷을 확인할 수 있습니다. 'Request'에서는 각 필드 옆의 삼각형 ▸을 눌러 일련번호(Serial Number)를 확인할 수 있습니다. @@ -299,7 +299,7 @@ There will be two packets with the "OCSP" protocol: a "Request" and a "Response" ``` -For the "Response" we can also see the "serial number": +'Response'에서도 마찬가지로 일련번호를 확인할 수 있습니다. @@ -315,7 +315,7 @@ For the "Response" we can also see the "serial number": ``` -8. Or use `tshark` to filter the packets for the Serial Number: +8. 혹은 `tshark`를 이용해 패킷을 일련번호로 필터링합니다. @@ -324,7 +324,7 @@ For the "Response" we can also see the "serial number": ``` -If the network observer has the public certificate, which is publicly available, they can match the serial number with that certificate and therefore determine the site you're visiting from that. The process can be automated and can associate IP addresses with serial numbers. It is also possible to check [Certificate Transparency](https://en.wikipedia.org/wiki/Certificate_Transparency) logs for the serial number. +네트워크 관찰자가 공개적으로 사용할 수 있는 공개 인증서를 가지고 있는 경우, 일련번호를 해당 인증서와 대조할 수 있으므로 여러분이 어떤 사이트를 방문하는지 알아낼 수 있습니다. 이 과정은 자동화될 수 있으며, 일련번호를 IP 주소와 연관시킬 수 있습니다. [인증서 투명성](https://en.wikipedia.org/wiki/Certificate_Transparency) 로그에서 일련번호를 확인하는 것 또한 가능합니다. @@ -350,7 +350,7 @@ graph TB ``` -Encrypted DNS with a third-party should only be used to get around redirects and basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences or you're interested in a provider that does some rudimentary filtering. +제3자 서버를 사용하는 암호화 DNS는 '이를 사용함으로써 아무런 문제가 발생하지 않을 것이라고 확신할 수 있을 때' ISP의 기본적인 리디렉션 및 [DNS 차단](https://en.wikipedia.org/wiki/DNS_blocking)을 우회하는 용도로만 사용하거나, 기초적인 DNS 필터링 서비스를 필요로 할 때만 사용해야 합니다. [권장 DNS 서버 목록](../dns.md ""){.md-button} @@ -358,30 +358,30 @@ Encrypted DNS with a third-party should only be used to get around redirects and ## DNSSEC이란 무엇인가요? -[Domain Name System Security Extensions](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) (DNSSEC) is a feature of DNS that authenticates responses to domain name lookups. It does not provide privacy protections for those lookups, but rather prevents attackers from manipulating or poisoning the responses to DNS requests. +DNSSEC([Domain Name System Security Extensions](https://ko.wikipedia.org/wiki/DNSSEC))는 도메인 이름 조회에 대한 응답을 인증하는 DNS 기능입니다. 이 기능은 프라이버시 보호와는 별 관련이 없지만, 공격자가 DNS 요청 응답을 변조하거나 오염시키는 것을 방지합니다. -In other words, DNSSEC digitally signs data to help ensure its validity. In order to ensure a secure lookup, the signing occurs at every level in the DNS lookup process. As a result, all answers from DNS can be trusted. +DNSSEC은 데이터 유효성을 보장하기 위해 데이터에 디지털 서명을 수행합니다. 안전한 조회 과정을 보장하기 위해, 디지털 서명은 DNS 조회 과정의 모든 영역에서 이루어집니다. 결과적으로, 모든 DNS 응답을 신뢰할 수 있습니다. -The DNSSEC signing process is similar to someone signing a legal document with a pen; that person signs with a unique signature that no one else can create, and a court expert can look at that signature and verify that the document was signed by that person. These digital signatures ensure that data has not been tampered with. +DNSSEC 서명 과정은 사람이 펜으로 법적 문서에 서명하는 과정과 유사합니다. 다른 사람이 따라 만들 수 없는 고유한 서명으로 서명하고, 법조인은 해당 서명을 보고 문서의 서명이 위조되지 않았음을 확인합니다. 마찬가지로 디지털 서명은 데이터가 변조되지 않았음을 확인합니다. -DNSSEC implements a hierarchical digital signing policy across all layers of DNS. For example, in the case of a `privacyguides.org` lookup, a root DNS server would sign a key for the `.org` nameserver, and the `.org` nameserver would then sign a key for `privacyguides.org`’s authoritative nameserver. +DNSSEC은 DNS의 모든 계층에 걸쳐 계층적(Hierarchical) 디지털 서명 정책을 구현합니다. 예를 들어 `privacyguides.org`를 조회하는 경우, 루트 DNS 서버는 자신의 키로 서명해 `.org` 네임 서버에게 제공하고, `.org` 네임 서버 또한 자신의 키로 서명해 `privacyguides.org`의 권한 있는 서버에 제공합니다. -Adapted from [DNS Security Extensions (DNSSEC) overview](https://cloud.google.com/dns/docs/dnssec) by Google and [DNSSEC: An Introduction](https://blog.cloudflare.com/dnssec-an-introduction/) by Cloudflare, both licensed under [CC BY 4.0](https://creativecommons.org/licenses/by/4.0/). +Google의 [DNS Security Extensions (DNSSEC) 개요](https://cloud.google.com/dns/docs/dnssec?hl=ko)와 Cloudflare의 [DNSSEC: An Introduction](https://blog.cloudflare.com/dnssec-an-introduction/)를 각색하였으며, 두 글은 모두 [CC BY 4.0](https://creativecommons.org/licenses/by/4.0/) 라이선스를 따릅니다. ## QNAME 최소화란 무엇인가요? -QNAME은 '정규화된 이름(Qualified Name)'입니다(예시: `privacyguides.org`). QNAME minimisation reduces the amount of information sent from the DNS server to the [authoritative name server](https://en.wikipedia.org/wiki/Name_server#Authoritative_name_server). +QNAME은 '정규화된 이름(Qualified Name)'입니다(예시: `privacyguides.org`). QNAME 최소화(QNAME Minimization)는 DNS 서버로부터 [Authoritative Name Server(권한 있는 이름 서버)](https://en.wikipedia.org/wiki/Name_server#Authoritative_name_server)로 전송되는 정보의 양을 줄입니다. -Instead of sending the whole domain `privacyguides.org`, QNAME minimization means the DNS server will ask for all the records that end in `.org`. Further technical description is defined in [RFC 7816](https://datatracker.ietf.org/doc/html/rfc7816). +QNAME 최소화를 이용하면 DNS 서버가 `privacyguides.org`이라는 전체 도메인을 전송하는 것이 아닌, `.org`로 끝나는 모든 레코드를 요청하게 됩니다. 세부 기술 설명은 [RFC 7816](https://datatracker.ietf.org/doc/html/rfc7816)에 정의되어 있습니다. ## ECS(EDNS 클라이언트 서브넷)란 무엇인가요? -The [EDNS Client Subnet](https://en.wikipedia.org/wiki/EDNS_Client_Subnet) is a method for a recursive DNS resolver to specify a [subnetwork](https://en.wikipedia.org/wiki/Subnetwork) for the [host or client](https://en.wikipedia.org/wiki/Client_(computing)) which is making the DNS query. +[EDNS 클라이언트 서브넷](https://en.wikipedia.org/wiki/EDNS_Client_Subnet)이란, DNS 쿼리를 생성하는 [호스트나 클라이언트](https://ko.wikipedia.org/wiki/%ED%81%B4%EB%9D%BC%EC%9D%B4%EC%96%B8%ED%8A%B8_(%EC%BB%B4%ED%93%A8%ED%8C%85))의 [서브넷](https://ko.wikipedia.org/wiki/%EB%B6%80%EB%B6%84%EB%A7%9D)을 Recursive DNS 리졸버가 지정할 수 있는 방식입니다. -It's intended to "speed up" delivery of data by giving the client an answer that belongs to a server that is close to them such as a [content delivery network](https://en.wikipedia.org/wiki/Content_delivery_network), which are often used in video streaming and serving JavaScript web apps. +ECS는 동영상 스트리밍이나 JavaScript 웹 앱 서비스에 때 자주 쓰이는 [콘텐츠 전송 네트워크(CDN)](https://ko.wikipedia.org/wiki/%EC%BD%98%ED%85%90%EC%B8%A0_%EC%A0%84%EC%86%A1_%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC)처럼 클라이언트와 가까운 서버의 응답을 제공하여 데이터 전송 속도를 높이는 기술입니다. -This feature does come at a privacy cost, as it tells the DNS server some information about the client's location. +단, ECS는 DNS 서버에 클라이언트의 위치에 관한 일부 정보를 알려주기 때문에 프라이버시 면에서 불이익이 존재합니다. diff --git a/i18n/ko/basics/account-deletion.md b/i18n/ko/basics/account-deletion.md index 56c4b1d6..069f79ef 100644 --- a/i18n/ko/basics/account-deletion.md +++ b/i18n/ko/basics/account-deletion.md @@ -1,10 +1,10 @@ --- title: "계정 삭제" icon: 'material/account-remove' -description: It's easy to accumulate a large number of internet accounts, here are some tips on how to prune your collection. +description: 온라인 계정은 어느새 잔뜩 쌓여 있기 마련입니다. 여러분의 계정을 정리하는 데 도움이 될 몇 가지 팁을 알려드립니다. --- -온라인 계정은 시간이 지날수록 쌓여갑니다. 그리고 그 중 상당수는 더 이상 사용하지 않는 계정일 겁니다. 휴면 계정은 데이터 유출에 취약하므로 '사용하지 않는 계정 삭제'는 프라이버시 보호에 있어서 중요합니다. 데이터 유출이란, 보호되어야 할 정보가 서비스 보안 손상으로 인해 무단으로 열람, 전송, 도난당하는 것을 말합니다. Data breaches are unfortunately all [too common](https://haveibeenpwned.com/PwnedWebsites) these days, and so practicing good digital hygiene is the best way to minimize the impact they have on your life. The goal of this guide then is to help navigate you through the irksome process of account deletion, often made difficult by [deceptive design](https://www.deceptive.design/), for the betterment of your online presence. +온라인 계정은 시간이 지날수록 쌓여갑니다. 그리고 그 중 상당수는 더 이상 사용하지 않는 계정일 겁니다. 휴면 계정은 데이터 유출에 취약하므로 '사용하지 않는 계정을 삭제하는 것'은 프라이버시 보호에 있어서 중요합니다. 데이터 유출이란, 보호되어야 할 정보가 서비스 보안 손상으로 인해 무단으로 열람, 전송, 도난당하는 것을 말합니다. 안타깝게도 최근에는 데이터 유출 사고가 [너무 많이 발생합니다](https://haveibeenpwned.com/PwnedWebsites). 데이터 유출 사고가 여러분의 삶에 미치는 영향을 최소화하고자 한다면 디지털에서도 위생 관념을 철저히 해야 합니다. 본 내용은 온라인 상에서 여러분의 발자취를 지우기 어렵게 만드는 각종 [다크 패턴](https://www.deceptive.design/)으로 인해 복잡해진 계정 삭제 절차를 안내하는 것을 목적으로 작성되었습니다. ## 오래된 계정 찾기 @@ -16,7 +16,7 @@ description: It's easy to accumulate a large number of internet accounts, here a ![Bitwarden 데이터 유출 보고서 기능](../assets/img/account-deletion/exposed_passwords.png) -비밀번호 관리자를 따로 사용한 적이 없더라도, 자신도 모르는 사이 브라우저나 휴대폰 내장 비밀번호 관리자를 사용했을 가능성이 있습니다. 예시: [Firefox 비밀번호 관리자](https://support.mozilla.org/kb/password-manager-remember-delete-edit-logins), [Google 비밀번호 관리자](https://passwords.google.com/intro), [Edge 암호 관리자](https://support.microsoft.com/en-us/microsoft-edge/save-or-forget-passwords-in-microsoft-edge-b4beecb0-f2a8-1ca0-f26f-9ec247a3f336) +비밀번호 관리자를 따로 사용한 적이 없더라도, 자신도 모르는 사이 브라우저나 휴대폰 내장 비밀번호 관리자를 사용했을 가능성이 있습니다. (예시: [Firefox 비밀번호 관리자](https://support.mozilla.org/kb/password-manager-remember-delete-edit-logins), [Google 비밀번호 관리자](https://passwords.google.com/intro), [Edge 암호 관리자](https://support.microsoft.com/en-us/microsoft-edge/save-or-forget-passwords-in-microsoft-edge-b4beecb0-f2a8-1ca0-f26f-9ec247a3f336)) 데스크톱 플랫폼에도 보통 비밀번호 관리자가 있기 때문에, 잊어버린 비밀번호를 복구하는 데에 유용할 수 있습니다: @@ -29,7 +29,7 @@ description: It's easy to accumulate a large number of internet accounts, here a 비밀번호 관리자를 사용한 적이 없거나 등록하지 않은 계정이 있는 경우, 가입하는 데에 사용했을 법한 이메일 계정에서 검색해보는 방법이 있습니다. 이메일 클라이언트에서 '환영합니다', '인증', '확인' 같은 키워드를 검색해보세요. 거의 모든 서비스는 계정 생성 시에 인증 링크나 소개 메시지를 이메일로 보냅니다. 이를 이용하면 잊어버린 오래된 계정을 찾을 수 있습니다. -## 오래된 계정 삭제 +## 오래된 계정 삭제하기 ### 로그인 @@ -59,4 +59,4 @@ EEA 거주자는 GDPR [제17조](https://www.gdpr.org/regulation/article-17.html ## 계정 새로 생성하지 않기 -"예방이 치료보다 낫다"라는 말도 있습니다. 새 계정을 가입하고 싶은 마음이 생길 때마다 한 번씩 생각해보세요. '이 계정이 정말 필요한가?' '계정 없이도 필요한 작업을 할 수 있나?' 계정 생성보다 삭제가 훨씬 더 어려운 경우가 많습니다. 게다가 계정을 삭제하거나 계정 정보를 변경한 이후에도 [인터넷 아카이브](https://archive.org/) 등 외부에 캐시된 버전이 존재할 수 있습니다. 미래에 후회하지 않기 위해서는 피할 수 있을 때 유혹을 피해야 합니다. +"예방이 치료보다 낫다"라는 말도 있습니다. 새 계정을 가입하고 싶은 마음이 생길 때마다 한 번씩 생각해보세요. '이 계정이 정말 필요한가?' '계정 없이도 내가 원하는 작업을 할 수 있나?' 계정 생성보다 삭제가 훨씬 더 어려운 경우가 많습니다. 게다가 계정을 삭제하거나 계정 정보를 변경한 이후에도 [인터넷 아카이브](https://archive.org/) 등 외부에 캐시된 버전이 존재할 수 있습니다. 미래에 후회하지 않기 위해서는 피할 수 있을 때 유혹을 피해야 합니다. diff --git a/i18n/ko/basics/common-misconceptions.md b/i18n/ko/basics/common-misconceptions.md index 68190307..2565e869 100644 --- a/i18n/ko/basics/common-misconceptions.md +++ b/i18n/ko/basics/common-misconceptions.md @@ -1,7 +1,7 @@ --- title: "일반적인 오해" icon: 'material/robot-confused' -description: 프라이버시는 결코 간단하지 않고, 마케팅성 주장이나 기타 잘못된 정보에 현혹되기 쉽습니다. +description: 프라이버시는 단순한 주제가 아닙니다. 홍보성 문구나 여타 잘못된 정보에 현혹당하지 않도록 조심해야 합니다. schema: - "@context": https://schema.org @@ -9,7 +9,7 @@ schema: mainEntity: - "@type": Question - name: 오픈 소스 소포트웨어는 본질적으로 안전한가요? + name: 오픈 소스 소프트웨어는 본질적으로 안전한가요? acceptedAnswer: "@type": Answer text: | diff --git a/i18n/ko/basics/multi-factor-authentication.md b/i18n/ko/basics/multi-factor-authentication.md index 8b46660a..cc5a5b4a 100644 --- a/i18n/ko/basics/multi-factor-authentication.md +++ b/i18n/ko/basics/multi-factor-authentication.md @@ -1,7 +1,7 @@ --- title: "다중 인증" icon: 'material/two-factor-authentication' -description: MFA is a critical security mechanism for securing your online accounts, but some methods are stronger than others. +description: MFA는 온라인 계정을 보호하는 데에 있어서 중요한 보안 메커니즘이지만, 방식에 따라 보안성은 달라집니다. --- **다중 인증**(**MFA**, Multi-Factor Authentication)은 사용자 이름(혹은 이메일)과 비밀번호 입력 외에도 추가 단계를 거치는 보안 방식입니다. 가장 흔히 볼 수 있는 예시로는 문자 메시지나 앱으로 받는 시간 제한 인증 코드가 대표적입니다. @@ -22,7 +22,7 @@ SMS나 이메일로 OTP 코드를 받는 방식은 MFA를 통한 계정 보호 하지만 사람은 누구나 실수를 할 수 있고, 실수로 로그인을 승인할 위험성이 존재합니다. 일반적으로 푸시 알림 로그인 인증은 여러분의 *모든* 기기로 한꺼번에 전송되므로, 사용하는 기기가 많아질수록 MFA 코드의 철저한 관리는 어려워집니다. -푸시 알림 MFA의 보안성은 앱의 품질, 서버 구성 요소, 앱 개발자의 신뢰도에 따라 달라집니다. Installing an app may also require you to accept invasive privileges that grant access to other data on your device. An individual app also requires that you have a specific app for each service which may not require a password to open, unlike a good TOTP generator app. +푸시 알림 MFA의 보안성은 앱의 품질, 서버 구성 요소, 앱 개발자의 신뢰도에 따라 달라집니다. 어떤 앱은 설치할 때 기기의 다른 데이터에 접근하는 권한 등의 막대한 권한을 부여하도록 강제할 수도 있습니다. An individual app also requires that you have a specific app for each service which may not require a password to open, unlike a good TOTP generator app. ### TOTP(시간 기반 일회용 비밀번호) @@ -108,11 +108,11 @@ TOTP 인증 앱을 사용하는 경우, 복구 키 혹은 앱 자체를 백업 보안 키를 구매했다면, 기본 자격 증명 변경, 보안 키 비밀번호 보호 설정, (지원하는 경우) 터치식 인증 확인 활성화를 진행해야 합니다. Products such as the YubiKey have multiple interfaces with separate credentials for each one of them, so you should go over each interface and set up protection as well. -### Email and SMS +### 이메일, SMS If you have to use email for MFA, make sure that the email account itself is secured with a proper MFA method. -If you use SMS MFA, use a carrier who will not switch your phone number to a new SIM card without account access, or use a dedicated VoIP number from a provider with similar security to avoid a [SIM swap attack](https://en.wikipedia.org/wiki/SIM_swap_scam). +SMS로 MFA를 사용할 경우에는 [SIM 스와핑 사기](https://en.wikipedia.org/wiki/SIM_swap_scam)를 주의해야 합니다. 계정에 접근하지 않고도 휴대폰 번호가 새로운 SIM 카드로 전환되는 통신사는 이용하지 말아야 합니다. 혹은 이런 류의 공격에 대한 보안 기능을 제공하는 제공 업체의 전용 VoIP 번호를 사용해야 합니다. [MFA tools we recommend](../multi-factor-authentication.md ""){.md-button} diff --git a/i18n/ko/cryptocurrency.md b/i18n/ko/cryptocurrency.md index 2f05dd20..2b527136 100644 --- a/i18n/ko/cryptocurrency.md +++ b/i18n/ko/cryptocurrency.md @@ -38,7 +38,7 @@ Monero를 사용할 경우, Monero를 거래하는 주소, 거래 금액, 주소 (비수탁형 지갑을 사용하더라도) 프라이버시를 극대화하려면 자체 Monero 노드를 운용해야 합니다. 다른 사람의 노드를 사용할 경우 해당 노드에 연결할 때 사용한 IP 주소, 지갑을 동기화한 시각, 지갑에서 전송된 트랜잭션(해당 트랜잭션에 대한 자세한 정보는 알 수 없음) 등 일부 정보가 해당 노드에 노출됩니다. 다른 사람의 Monero 노드에 연결할 때에 Tor 혹은 i2p를 사용하는 것이 대안이 될 수 있습니다. -In August 2021, CipherTrace [announced](https://ciphertrace.com/enhanced-monero-tracing/) enhanced Monero tracing capabilities for government agencies. 공개 포스트에 따르면, 미국 재무부의 금융 범죄 단속 네트워크(Financial Crimes Enforcement Network)는 2022년 말 CipherTrace의 'Monero 모듈'에 라이선스 자격을 [부여했습니다](https://sam.gov/opp/d12cbe9afbb94ca68006d0f006d355ac/view). +2021년 8월, CipherTrace는 정부 기관을 위해 향상된 Monero 추적 기능을 [발표했습니다](https://ciphertrace.com/enhanced-monero-tracing/). 공개 포스트에 따르면, 미국 재무부의 금융 범죄 단속 네트워크(Financial Crimes Enforcement Network)는 2022년 말 CipherTrace의 'Monero 모듈'에 라이선스 자격을 [부여했습니다](https://sam.gov/opp/d12cbe9afbb94ca68006d0f006d355ac/view). Monero 트랜잭션 그래프는 프라이버시 면에서 제한적입니다. 상대적으로 작은 링 서명(Ring Signature)으로 인해, 표적 공격에 취약합니다. 이 외에도 Monero의 프라이버시 기능은 일부 보안 연구자들에 의해 [의문이 제기된 바 있으며](https://web.archive.org/web/20180331203053/https://www.wired.com/story/monero-privacy/), 과거에는 여러 심각한 취약점이 발견되어 패치되기도 했습니다. 따라서 CipherTrace 같은 단체의 주장은 충분히 일리가 있습니다. 비트코인이나 다른 암호화폐처럼 대규모 감시 도구가 Monero에도 존재할 가능성은 낮지만, 추적 툴이 표적 수사에 효과가 있을 것은 확실합니다. diff --git a/i18n/ko/multi-factor-authentication.md b/i18n/ko/multi-factor-authentication.md index d6d963b5..e41c250a 100644 --- a/i18n/ko/multi-factor-authentication.md +++ b/i18n/ko/multi-factor-authentication.md @@ -17,9 +17,9 @@ cover: multi-factor-authentication.png One of the benefits of the YubiKey is that one key can do almost everything (YubiKey 5), you could expect from a hardware security key. We do encourage you to take the [quiz](https://www.yubico.com/quiz/) before purchasing in order to make sure you make the right choice. - [:octicons-home-16: Homepage](https://www.yubico.com){ .md-button .md-button--primary } - [:octicons-eye-16:](https://www.yubico.com/support/terms-conditions/privacy-notice){ .card-link title="Privacy Policy" } - [:octicons-info-16:](https://docs.yubico.com/){ .card-link title=Documentation} + [:octicons-home-16: 홈페이지](https://www.yubico.com){ .md-button .md-button--primary } + [:octicons-eye-16:](https://www.yubico.com/support/terms-conditions/privacy-notice){ .card-link title="프라이버시 정책" } + [:octicons-info-16:](https://docs.yubico.com/){ .card-link title=문서} The [comparison table](https://www.yubico.com/store/compare/) shows the features and how the YubiKeys compare. We highly recommend that you select keys from the YubiKey 5 Series. @@ -38,9 +38,9 @@ For models which support HOTP and TOTP, there are 2 slots in the OTP interface w **Nitrokey** has a security key capable of [FIDO2 and WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online) called the **Nitrokey FIDO2**. For PGP support, you need to purchase one of their other keys such as the **Nitrokey Start**, **Nitrokey Pro 2** or the **Nitrokey Storage 2**. - [:octicons-home-16: Homepage](https://www.nitrokey.com){ .md-button .md-button--primary } - [:octicons-eye-16:](https://www.nitrokey.com/data-privacy-policy){ .card-link title="Privacy Policy" } - [:octicons-info-16:](https://docs.nitrokey.com/){ .card-link title=Documentation} + [:octicons-home-16: 홈페이지](https://www.nitrokey.com){ .md-button .md-button--primary } + [:octicons-eye-16:](https://www.nitrokey.com/data-privacy-policy){ .card-link title="프라이버시 정책" } + [:octicons-info-16:](https://docs.nitrokey.com/){ .card-link title=문서} The [comparison table](https://www.nitrokey.com/#comparison) shows the features and how the Nitrokey models compare. The **Nitrokey 3** listed will have a combined feature set. @@ -70,21 +70,21 @@ Nitrokey's firmware is open-source, unlike the YubiKey. The firmware on modern N #### 최소 요구 사항 -- Must use high quality, tamper resistant hardware security modules. -- Must support the latest FIDO2 specification. -- Must not allow private key extraction. -- Devices which cost over $35 must support handling OpenPGP and S/MIME. +- 고품질의 변조 방지 하드웨어 보안 모듈을 사용해야 합니다. +- 최신 FIDO2 사양을 지원해야 합니다. +- 개인 키 추출을 허용해서는 안 됩니다. +- 가격이 $35 이상인 기기는 OpenPGP, S/MIME를 지원해야 합니다. #### 우대 사항 평가 기준에서 '우대 사항'은 해당 부문에서 완벽한 프로젝트에 기대하는 바를 나타냅니다. 다음의 우대 사항에 해당하지 않더라도 권장 목록에 포함될 수 있습니다. 단, 우대 사항에 해당할수록 이 페이지의 다른 항목보다 높은 순위를 갖습니다. -- Should be available in USB-C form-factor. -- Should be available with NFC. -- Should support TOTP secret storage. -- Should support secure firmware updates. +- USB-C 단자로 된 버전을 제공해야 합니다. +- NFC를 지원해야 합니다. +- TOTP 비밀 저장소(Secret Storage)를 지원해야 합니다. +- 보안 펌웨어 업데이트를 지원해야 합니다. -## Authenticator Apps +## 인증 앱 Authenticator Apps implement a security standard adopted by the Internet Engineering Task Force (IETF) called **Time-based One-time Passwords**, or **TOTP**. This is a method where websites share a secret with you which is used by your authenticator app to generate a six (usually) digit code based on the current time, which you enter while logging in for the website to check. Typically these codes are regenerated every 30 seconds, and once a new code is generated the old one becomes useless. Even if a hacker gets one six-digit code, there is no way for them to reverse that code to get the original secret or otherwise be able to predict what any future codes might be. @@ -98,13 +98,13 @@ We highly recommend that you use mobile TOTP apps instead of desktop alternative **Aegis Authenticator** is a free, secure and open-source app to manage your 2-step verification tokens for your online services. - [:octicons-home-16: Homepage](https://getaegis.app){ .md-button .md-button--primary } - [:octicons-eye-16:](https://getaegis.app/aegis/privacy.html){ .card-link title="Privacy Policy" } - [:octicons-info-16:](https://github.com/beemdevelopment/Aegis/wiki){ .card-link title=Documentation} - [:octicons-code-16:](https://github.com/beemdevelopment/Aegis){ .card-link title="Source Code" } - [:octicons-heart-16:](https://www.buymeacoffee.com/beemdevelopment){ .card-link title=Contribute } + [:octicons-home-16: 홈페이지](https://getaegis.app){ .md-button .md-button--primary } + [:octicons-eye-16:](https://getaegis.app/aegis/privacy.html){ .card-link title="프라이버시 정책" } + [:octicons-info-16:](https://github.com/beemdevelopment/Aegis/wiki){ .card-link title=문서} + [:octicons-code-16:](https://github.com/beemdevelopment/Aegis){ .card-link title="소스 코드" } + [:octicons-heart-16:](https://www.buymeacoffee.com/beemdevelopment){ .card-link title=기부 } - ??? downloads + ??? downloads "다운로드" - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis) - [:simple-github: GitHub](https://github.com/beemdevelopment/Aegis/releases) @@ -117,12 +117,12 @@ We highly recommend that you use mobile TOTP apps instead of desktop alternative **Raivo OTP** is a native, lightweight and secure time-based (TOTP) & counter-based (HOTP) password client for iOS. Raivo OTP offers optional iCloud backup & sync. Raivo OTP is also available for macOS in the form of a status bar application, however the Mac app does not work independently of the iOS app. - [:octicons-home-16: Homepage](https://raivo-otp.com){ .md-button .md-button--primary } - [:octicons-eye-16:](https://raivo-otp.com/privacy-policy){ .card-link title="Privacy Policy" } - [:octicons-code-16:](https://github.com/raivo-otp/ios-application){ .card-link title="Source Code" } - [:octicons-heart-16:](https://raivo-otp.com/donate){ .card-link title=Contribute } + [:octicons-home-16: 홈페이지](https://raivo-otp.com){ .md-button .md-button--primary } + [:octicons-eye-16:](https://raivo-otp.com/privacy-policy){ .card-link title="프라이버시 정책" } + [:octicons-code-16:](https://github.com/raivo-otp/ios-application){ .card-link title="소스 코드" } + [:octicons-heart-16:](https://raivo-otp.com/donate){ .card-link title=기부 } - ??? downloads + ??? downloads "다운로드" - [:simple-appstore: App Store](https://apps.apple.com/us/app/raivo-otp/id1459042137) @@ -134,7 +134,7 @@ We highly recommend that you use mobile TOTP apps instead of desktop alternative Privacy Guides 팀은 사이트의 모든 항목마다 명확한 평가 기준을 정립하는 중이며, 따라서 세부 내용은 변경될 수 있습니다. 평가 기준에 대해서 질문이 있다면 [포럼에서 문의](https://discuss.privacyguides.net/latest)하시기 바랍니다. (무언가가 목록에 존재하지 않다고 해서 권장 목록을 작성할 때 고려한 적이 없을 것으로 단정 짓지 마세요.) 권장 목록에 어떤 프로젝트를 추가할 때 고려하고 논의해야 할 요소는 매우 많으며, 모든 요소를 문서화하는 것은 현재 진행 중인 작업입니다. -- Source code must be publicly available. -- Must not require internet connectivity. -- Must not sync to a third-party cloud sync/backup service. - - **Optional** E2EE sync support with OS-native tools is acceptable, e.g. encrypted sync via iCloud. +- 소스 코드는 공개적으로 이용 가능해야 합니다. +- 인터넷 연결 없이도 작동해야 합니다. +- 제3자 클라우드 동기화/백업 서비스와 동기화하는 식으로 작동해서는 안 됩니다. + - **선택적인** (운영 체제 네이티브 툴을 이용한) E2EE 동기화 지원은 허용됩니다. 예시: 'iCloud를 통한 암호화 동기화' diff --git a/i18n/ko/news-aggregators.md b/i18n/ko/news-aggregators.md index 02ee4d8e..efd99167 100644 --- a/i18n/ko/news-aggregators.md +++ b/i18n/ko/news-aggregators.md @@ -101,10 +101,10 @@ cover: news-aggregators.png **NetNewsWire**는 네이티브 디자인 및 기능에 중점을 둔 macOS, iOS용 무료 오픈소스 피드 리더입니다. 일반적인 피드 형식과 함께 Reddit 피드를 기본 지원합니다. - [:octicons-home-16: Homepage](https://netnewswire.com/){ .md-button .md-button--primary } - [:octicons-eye-16:](https://netnewswire.com/privacypolicy.html){ .card-link title="Privacy Policy" } - [:octicons-info-16:](https://netnewswire.com/help/){ .card-link title=Documentation} - [:octicons-code-16:](https://github.com/Ranchero-Software/NetNewsWire){ .card-link title="Source Code" } + [:octicons-home-16: 홈페이지](https://netnewswire.com/){ .md-button .md-button--primary } + [:octicons-eye-16:](https://netnewswire.com/privacypolicy.html){ .card-link title="프라이버시 정책" } + [:octicons-info-16:](https://netnewswire.com/help/){ .card-link title=문서} + [:octicons-code-16:](https://github.com/Ranchero-Software/NetNewsWire){ .card-link title="소스 코드" } ??? downloads "다운로드" diff --git a/i18n/ko/os/android-overview.md b/i18n/ko/os/android-overview.md index 50a377e1..29c6aec4 100644 --- a/i18n/ko/os/android-overview.md +++ b/i18n/ko/os/android-overview.md @@ -107,7 +107,7 @@ Android 13: [직장 프로필](https://support.google.com/work/android/answer/6191949)은 개별 앱을 격리하는 방식 중 하나로, 경우에 따라서 별도 사용자 프로필을 사용하는 것보다 편리합니다. -여러분이 별도로 해당 기능을 탑재한 커스텀 Android 운영 체제를 사용하는 것이 아닌 한, 엔터프라이즈 MDM 없이 직장 프로필을 생성하려면 [Shelter](#recommended-apps) 등의 **기기 컨트롤러** 앱을 사용해야 합니다. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. 직장 프로필은 기기 컨트롤러에 따라 작동 방식이 달라집니다. *File Shuttle*, *연락처 검색 차단*을 비롯한 모든 격리 기능은 컨트롤러에서 구현됩니다. 기기 컨트롤러는 직장 프로필 내부 데이터의 전체 접근 권한을 가지고 있으므로, 믿을 수 있는 기기 컨트롤러 앱을 사용해야 합니다. diff --git a/i18n/ko/video-streaming.md b/i18n/ko/video-streaming.md index 2dbdfd94..a71e6980 100644 --- a/i18n/ko/video-streaming.md +++ b/i18n/ko/video-streaming.md @@ -1,5 +1,5 @@ --- -title: "Video Streaming" +title: "동영상 스트리밍" icon: material/video-wireless description: These networks allow you to stream internet content without building an advertising profile based on your interests. cover: video-streaming.png diff --git a/i18n/ku-IQ/os/android-overview.md b/i18n/ku-IQ/os/android-overview.md index a78631a2..d0c88ecb 100644 --- a/i18n/ku-IQ/os/android-overview.md +++ b/i18n/ku-IQ/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/nl/os/android-overview.md b/i18n/nl/os/android-overview.md index 171bee14..d34a667f 100644 --- a/i18n/nl/os/android-overview.md +++ b/i18n/nl/os/android-overview.md @@ -107,7 +107,7 @@ Met gebruikersprofielen kun je beperkingen opleggen aan een specifiek profiel, z [Werkprofielen](https://support.google.com/work/android/answer/6191949) zijn een andere manier om afzonderlijke apps te isoleren en kunnen handiger zijn dan afzonderlijke gebruikersprofielen. -Een **apparaatcontroller** zoals [Shelter](#recommended-apps) is vereist, tenzij je CalyxOS gebruikt die er een bevat. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. Het werkprofiel is afhankelijk van een apparaatcontroller om te kunnen functioneren. Functies zoals *File Shuttle* en *contact zoeken blokkeren* of enige vorm van isolatiefuncties moeten door de controller worden geïmplementeerd. Je moet de apparaatcontroller-app ook volledig vertrouwen, aangezien deze volledige toegang heeft tot jouw gegevens binnen het werkprofiel. diff --git a/i18n/pl/os/android-overview.md b/i18n/pl/os/android-overview.md index 7787caaf..dc944c7c 100644 --- a/i18n/pl/os/android-overview.md +++ b/i18n/pl/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. Jeśli w danej chwili z nich nie korzystasz, zalecamy wyłączenie tych funkcji. diff --git a/i18n/pt-BR/os/android-overview.md b/i18n/pt-BR/os/android-overview.md index d6eeef27..b4661d45 100644 --- a/i18n/pt-BR/os/android-overview.md +++ b/i18n/pt-BR/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: Os [Perfis de Trabalho](https://support.google.com/work/android/answer/6191949) são outra forma de isolar aplicações individuais e podem ser mais convenientes do que perfis de usuário separados. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/pt/os/android-overview.md b/i18n/pt/os/android-overview.md index 941d7b81..89a7f9bd 100644 --- a/i18n/pt/os/android-overview.md +++ b/i18n/pt/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/ru/os/android-overview.md b/i18n/ru/os/android-overview.md index 97b44e98..2cd60d5e 100644 --- a/i18n/ru/os/android-overview.md +++ b/i18n/ru/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/sv/os/android-overview.md b/i18n/sv/os/android-overview.md index c334d55e..06c28fcb 100644 --- a/i18n/sv/os/android-overview.md +++ b/i18n/sv/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/tr/os/android-overview.md b/i18n/tr/os/android-overview.md index a78631a2..d0c88ecb 100644 --- a/i18n/tr/os/android-overview.md +++ b/i18n/tr/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/uk/os/android-overview.md b/i18n/uk/os/android-overview.md index f96281e1..8115242f 100644 --- a/i18n/uk/os/android-overview.md +++ b/i18n/uk/os/android-overview.md @@ -107,7 +107,7 @@ Quite a few applications allows you to "share" a file with them for media upload [Робочі профілі](https://support.google.com/work/android/answer/6191949) - це ще один спосіб ізоляції програм, який може бути зручнішим, ніж окремі профілі користувачів. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. Робочий профіль залежить від функціонування контролера пристрою. Такі функції як *Файловий шатл* та *блокування пошуку контактів* або будь-які інші функції ізоляції повинні бути реалізовані контролером. Коли вони не використовуються, ми рекомендуємо вимкнути їх. diff --git a/i18n/vi/os/android-overview.md b/i18n/vi/os/android-overview.md index 984df1e0..b33dea6d 100644 --- a/i18n/vi/os/android-overview.md +++ b/i18n/vi/os/android-overview.md @@ -107,7 +107,7 @@ With user profiles, you can impose restrictions on a specific profile, such as: [Work Profiles](https://support.google.com/work/android/answer/6191949) are another way to isolate individual apps and may be more convenient than separate user profiles. -A **device controller** app such as [Shelter](#recommended-apps) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. The work profile is dependent on a device controller to function. Features such as *File Shuttle* and *contact search blocking* or any kind of isolation features must be implemented by the controller. You must also fully trust the device controller app, as it has full access to your data inside of the work profile. diff --git a/i18n/zh-Hant/os/android-overview.md b/i18n/zh-Hant/os/android-overview.md index 5162a18b..8a0ee1cc 100644 --- a/i18n/zh-Hant/os/android-overview.md +++ b/i18n/zh-Hant/os/android-overview.md @@ -118,7 +118,7 @@ Android 13: [工作用設定檔](https://support.google.com/work/android/answer/6191949) 是另一個隔離個別應用的方法,也比單獨的用戶設定檔更為方便。 -**個裝置控制器** 個應用程式(例如 [Shelter](#recommended-apps) )需要在沒有企業MDM的情況下建立工作檔案,除非您使用自訂Android作業系統,其中包含一個。 +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. 工作配置檔需靠裝置控制器才能運作。 控制器必須實現 *File Shuttle* 和 *Contact Search Blocking* 等功能或任何類型的隔離功能。 您還必須完全信任設備控制器應用程序,因為它可以完全訪問工作配置文件中的數據。 diff --git a/i18n/zh/os/android-overview.md b/i18n/zh/os/android-overview.md index 58225369..bd389353 100644 --- a/i18n/zh/os/android-overview.md +++ b/i18n/zh/os/android-overview.md @@ -107,7 +107,7 @@ An app may request a permission for a specific feature it has. For example, any [工作配置文件](https://support.google.com/work/android/answer/6191949) 是隔离单个应用程序的另一种方式,可能比单独的用户配置文件更方便。 -在没有企业MDM的情况下,需要一个 **设备控制器** 应用程序,如 [Shelter](#recommended-apps) ,以创建一个工作档案,除非你使用的是包括一个自定义的Android操作系统。 +A **device controller** app such as [Shelter](../android.md#shelter) is required to create a Work Profile without an enterprise MDM, unless you're using a custom Android OS which includes one. 该工作档案依赖于设备控制器来运作。 诸如 *文件穿梭* 和 *接触搜索封锁* 或任何种类的隔离功能必须由控制器实现。 你还必须完全信任设备控制器应用程序,因为它可以完全访问你在工作档案中的数据。