mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2025-07-30 15:21:03 +00:00
New Crowdin Translations (#2088)
Signed-off-by: Daniel Gray <dngray@privacyguides.org>
This commit is contained in:
Crowdin Bot
@@ -16,9 +16,9 @@ ToS adalah peraturan yang Anda setujui untuk diikuti saat menggunakan layanan. P
|
||||
|
||||
Kebijakan Privasi adalah bagaimana layanan mengatakan bahwa mereka akan menggunakan data Anda dan perlu dibaca agar Anda memahami bagaimana data Anda akan digunakan. Perusahaan atau organisasi mungkin tidak diwajibkan secara hukum untuk mengikuti semua yang tercantum dalam kebijakan (tergantung pada yurisdiksi). Kami sarankan Anda mengetahui undang-undang setempat dan apa yang diizinkan oleh penyedia layanan untuk dikumpulkan.
|
||||
|
||||
Sebaiknya cari istilah-istilah tertentu seperti "pengumpulan data", "analisis data", "cookie", "iklan", atau layanan "pihak ketiga". Sometimes you will be able to opt-out from data collection or from sharing your data, but it is best to choose a service that respects your privacy from the start.
|
||||
Sebaiknya cari istilah-istilah tertentu seperti "pengumpulan data", "analisis data", "cookie", "iklan", atau layanan "pihak ketiga". Kadang-kadang Anda dapat memilih untuk tidak ikut serta dalam pengumpulan data atau membagikan data Anda, tetapi yang terbaik adalah memilih layanan yang menghormati privasi Anda sejak awal.
|
||||
|
||||
Keep in mind you're also placing your trust in the company or organization and that they will comply with their own privacy policy.
|
||||
Ingatlah bahwa Anda juga menaruh kepercayaan pada perusahaan atau organisasi tersebut dan bahwa mereka akan mematuhi kebijakan privasi mereka sendiri.
|
||||
|
||||
## Metode autentikasi
|
||||
|
||||
@@ -36,11 +36,11 @@ Anda akan bertanggung jawab untuk mengelola kredensial login Anda. Untuk keamana
|
||||
|
||||
[Pengelola kata sandi yang direkomendasikan](../passwords.md ""){.md-button}
|
||||
|
||||
#### Email aliases
|
||||
#### Alias surel
|
||||
|
||||
Jika Anda tidak ingin memberikan alamat email asli Anda ke layanan, Anda memiliki opsi untuk menggunakan alias. Kami menjelaskannya secara lebih rinci di halaman rekomendasi layanan email kami. Essentially, alias services allow you to generate new email addresses that forward all emails to your main address. Hal ini dapat membantu mencegah pelacakan di seluruh layanan dan membantu Anda mengelola email pemasaran yang terkadang menyertai proses pendaftaran. Semua itu dapat disaring secara otomatis berdasarkan alias yang dikirim.
|
||||
Jika Anda tidak ingin memberikan alamat surel asli Anda ke layanan, Anda memiliki opsi untuk menggunakan alias. Kami menjelaskannya secara lebih rinci di halaman rekomendasi layanan surel kami. Pada dasarnya, layanan alias memungkinkan Anda untuk membuat alamat surel baru yang meneruskan semua surel ke alamat utama Anda. Hal ini dapat membantu mencegah pelacakan di seluruh layanan dan membantu Anda mengelola surel pemasaran yang terkadang menyertai proses pendaftaran. Semua itu dapat disaring secara otomatis berdasarkan alias yang dikirim.
|
||||
|
||||
Jika layanan diretas, Anda mungkin akan mulai menerima email phishing atau spam ke alamat yang Anda gunakan untuk mendaftar. Using unique aliases for each service can assist in identifying exactly what service was hacked.
|
||||
Jika layanan diretas, Anda mungkin akan mulai menerima surel phishing atau spam ke alamat yang Anda gunakan untuk mendaftar. Using unique aliases for each service can assist in identifying exactly what service was hacked.
|
||||
|
||||
[Recommended email aliasing services](../email.md#email-aliasing-services ""){.md-button}
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: "Penghapusan Akun"
|
||||
icon: 'material/account-remove'
|
||||
description: It's easy to accumulate a large number of internet accounts, here are some tips on how to prune your collection.
|
||||
description: Sangat mudah untuk mengumpulkan sejumlah besar akun internet, berikut ini beberapa tips tentang cara memangkas koleksi Anda.
|
||||
---
|
||||
|
||||
Seiring waktu, mudah sekali untuk menumpuk sejumlah akun online, yang banyak di antaranya mungkin sudah tidak Anda gunakan lagi. Menghapus akun-akun yang tidak terpakai ini merupakan langkah penting untuk mendapatkan kembali privasi Anda, karena akun-akun yang tidak aktif rentan terhadap pelanggaran data. Pelanggaran data adalah ketika keamanan layanan terganggu dan informasi yang dilindungi dilihat, dikirim, atau dicuri oleh pihak yang tidak berwenang. Data breaches are unfortunately all [too common](https://haveibeenpwned.com/PwnedWebsites) these days, and so practicing good digital hygiene is the best way to minimize the impact they have on your life. The goal of this guide then is to help navigate you through the irksome process of account deletion, often made difficult by [deceptive design](https://www.deceptive.design/), for the betterment of your online presence.
|
||||
@@ -27,36 +27,36 @@ Platform desktop juga sering kali memiliki pengelola kata sandi yang dapat memba
|
||||
|
||||
### Email
|
||||
|
||||
Jika Anda tidak menggunakan pengelola kata sandi di masa lalu atau Anda merasa memiliki akun yang tidak pernah ditambahkan ke pengelola kata sandi Anda, opsi lainnya adalah mencari akun email yang Anda yakini telah Anda daftarkan. On your email client, search for keywords such as "verify" or "welcome." Almost every time you make an online account, the service will send a verification link or an introductory message to your email. This can be a good way to find old, forgotten accounts.
|
||||
Jika Anda tidak menggunakan pengelola kata sandi di masa lalu atau Anda merasa memiliki akun yang tidak pernah ditambahkan ke pengelola kata sandi Anda, opsi lainnya adalah mencari akun email yang Anda yakini telah Anda daftarkan. Pada klien email Anda, cari kata kunci seperti "verifikasi" atau "selamat datang". Hampir setiap kali Anda membuat akun daring, layanan akan mengirim tautan verifikasi atau pesan pengantar ke email Anda. This can be a good way to find old, forgotten accounts.
|
||||
|
||||
## Deleting Old Accounts
|
||||
## Menghapus Akun Lama
|
||||
|
||||
### Log In
|
||||
### Masuk
|
||||
|
||||
In order to delete your old accounts, you'll need to first make sure you can log in to them. Again, if the account was in your password manager, this step is easy. If not, you can try to guess your password. Failing that, there are typically options to regain access to your account, commonly available through a "forgot password" link on the login page. It may also be possible that accounts you've abandoned have already been deleted—sometimes services prune all old accounts.
|
||||
Untuk menghapus akun lama Anda, Anda harus terlebih dahulu memastikan bahwa Anda dapat masuk ke akun tersebut. Sekali lagi, jika akun tersebut ada di dalam pengelola kata sandi Anda, langkah ini mudah dilakukan. Jika tidak, Anda dapat mencoba menebak kata sandi Anda. Jika gagal, biasanya ada opsi untuk mendapatkan kembali akses ke akun Anda, biasanya tersedia melalui tautan "lupa kata sandi" pada halaman login. It may also be possible that accounts you've abandoned have already been deleted—sometimes services prune all old accounts.
|
||||
|
||||
When attempting to regain access, if the site returns an error message saying that email is not associated with an account, or you never receive a reset link after multiple attempts, then you do not have an account under that email address and should try a different one. If you can't figure out which email address you used, or you no longer have access to that email, you can try contacting the service's customer support. Unfortunately, there is no guarantee that you will be able to reclaim access your account.
|
||||
Ketika mencoba untuk mendapatkan kembali akses, jika situs mengembalikan pesan kesalahan yang mengatakan bahwa email tidak terkait dengan akun, atau Anda tidak pernah menerima tautan reset setelah beberapa kali mencoba, maka Anda tidak memiliki akun di bawah alamat email itu dan harus mencoba yang lain. Jika Anda tidak dapat menemukan alamat email yang Anda gunakan, atau Anda tidak lagi memiliki akses ke email tersebut, Anda dapat mencoba menghubungi dukungan pelanggan layanan ini. Sayangnya, tidak ada jaminan bahwa Anda akan dapat memperoleh kembali akses ke akun Anda.
|
||||
|
||||
### GDPR (EEA residents only)
|
||||
### GDPR (hanya untuk penduduk EEA)
|
||||
|
||||
Residents of the EEA have additional rights regarding data erasure specified in [Article 17](https://www.gdpr.org/regulation/article-17.html) of the GDPR. If it's applicable to you, read the privacy policy for any given service to find information on how to exercise your right to erasure. Reading the privacy policy can prove important, as some services have a "Delete Account" option that only disables your account and for real deletion you have to take additional action. Sometimes actual deletion may involve filling out surveys, emailing the data protection officer of the service or even proving your residence in the EEA. If you plan to go this way, do **not** overwrite account information—your identity as an EEA resident may be required. Note that the location of the service does not matter; GDPR applies to anyone serving European users. If the service does not respect your right to erasure, you can contact your national [Data Protection Authority](https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens/redress/what-should-i-do-if-i-think-my-personal-data-protection-rights-havent-been-respected_en) and you may be entitled to monetary compensation.
|
||||
Penduduk EEA memiliki hak tambahan terkait penghapusan data yang ditentukan dalam [Pasal 17](https://www.gdpr.org/regulation/article-17.html) GDPR. Jika itu berlaku untuk Anda, baca kebijakan privasi untuk setiap layanan yang diberikan untuk menemukan informasi tentang cara menggunakan hak Anda untuk menghapus. Membaca kebijakan privasi terbukti penting, karena beberapa layanan memiliki opsi "Hapus Akun" yang hanya menonaktifkan akun Anda dan untuk penghapusan yang sebenarnya Anda harus mengambil tindakan tambahan. Terkadang penghapusan yang sebenarnya mungkin melibatkan pengisian survei, mengirim email ke petugas perlindungan data layanan atau bahkan membuktikan tempat tinggal Anda di EEA. Jika Anda berencana untuk menggunakan cara ini,**jangan** menimpa informasi akun - identitas Anda sebagai penduduk EEA mungkin diperlukan. Perhatikan bahwa lokasi layanan tidak masalah; GDPR berlaku untuk siapa pun yang melayani pengguna Eropa. If the service does not respect your right to erasure, you can contact your national [Data Protection Authority](https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens/redress/what-should-i-do-if-i-think-my-personal-data-protection-rights-havent-been-respected_en) and you may be entitled to monetary compensation.
|
||||
|
||||
### Overwriting Account information
|
||||
|
||||
In some situations where you plan to abandon an account, it may make sense to overwrite the account information with fake data. Once you've made sure you can log in, change all the information in your account to falsified information. The reason for this is that many sites will retain information you previously had even after account deletion. The hope is that they will overwrite the previous information with the newest data you entered. However, there is no guarantee that there won't be backups with the prior information.
|
||||
Dalam beberapa situasi di mana Anda berencana untuk meninggalkan sebuah akun, mungkin masuk akal untuk menimpa informasi akun dengan data palsu. Setelah Anda memastikan bahwa Anda dapat masuk, ubah semua informasi di akun Anda menjadi informasi yang dipalsukan. Alasannya adalah karena banyak situs akan menyimpan informasi yang sebelumnya Anda miliki bahkan setelah penghapusan akun. Harapannya adalah mereka akan menimpa informasi sebelumnya dengan data terbaru yang Anda masukkan. Namun, tidak ada jaminan bahwa tidak akan ada backup dengan informasi sebelumnya.
|
||||
|
||||
For the account email, either create a new alternate email account via your provider of choice or create an alias using an [email aliasing service](../email.md#email-aliasing-services). You can then delete your alternate email address once you are done. We recommend against using temporary email providers, as oftentimes it is possible to reactivate temporary emails.
|
||||
For the account email, either create a new alternate email account via your provider of choice or create an alias using an [email aliasing service](../email.md#email-aliasing-services). Anda kemudian dapat menghapus alamat email alternatif Anda setelah Anda selesai. Kami menyarankan agar tidak menggunakan penyedia email sementara, karena seringkali dimungkinkan untuk mengaktifkan kembali email sementara.
|
||||
|
||||
### Delete
|
||||
|
||||
You can check [JustDeleteMe](https://justdeleteme.xyz) for instructions on deleting the account for a specific service. Some sites will graciously have a "Delete Account" option, while others will go as far as to force you to speak with a support agent. The deletion process can vary from site to site, with account deletion being impossible on some.
|
||||
Anda dapat memeriksa [JustDeleteMe](https://justdeleteme.xyz) untuk petunjuk tentang cara menghapus akun untuk layanan tertentu. Beberapa situs akan dengan ramah memiliki opsi "Hapus Akun ", sementara yang lain akan memaksa Anda untuk berbicara dengan agen dukungan. Proses penghapusan dapat bervariasi dari satu situs ke situs lainnya, dan penghapusan akun tidak dapat dilakukan di beberapa situs.
|
||||
|
||||
For services that don't allow account deletion, the best thing to do is falsify all your information as previously mentioned and strengthen account security. To do so, enable [MFA](multi-factor-authentication.md) and any extra security features offered. As well, change the password to a randomly-generated one that is the maximum allowed size (a [password manager](../passwords.md) can be useful for this).
|
||||
Untuk layanan yang tidak mengizinkan penghapusan akun, hal terbaik yang harus dilakukan adalah memalsukan semua informasi Anda seperti yang telah disebutkan sebelumnya dan memperkuat keamanan akun. Untuk melakukannya, aktifkan [MFA](multi-factor-authentication.md) dan fitur keamanan tambahan yang ditawarkan. Selain itu, ubah kata sandi menjadi kata sandi yang dibuat secara acak dengan ukuran maksimum yang diizinkan ([pengelola kata sandi](../passwords.md) dapat berguna untuk ini).
|
||||
|
||||
If you're satisfied that all information you care about is removed, you can safely forget about this account. If not, it might be a good idea to keep the credentials stored with your other passwords and occasionally re-login to reset the password.
|
||||
Jika Anda merasa puas bahwa semua informasi yang Anda pedulikan telah dihapus, Anda dapat melupakan akun ini dengan aman. Jika tidak, sebaiknya simpan kredensial dengan kata sandi Anda yang lain dan sesekali login ulang untuk mengatur ulang kata sandi.
|
||||
|
||||
Even when you are able to delete an account, there is no guarantee that all your information will be removed. In fact, some companies are required by law to keep certain information, particularly when related to financial transactions. It's mostly out of your control what happens to your data when it comes to websites and cloud services.
|
||||
Bahkan ketika Anda dapat menghapus akun, tidak ada jaminan bahwa semua informasi Anda akan dihapus. Bahkan, beberapa perusahaan diwajibkan oleh hukum untuk menyimpan informasi tertentu, terutama yang terkait dengan transaksi keuangan. Sebagian besar di luar kendali Anda atas apa yang terjadi pada data Anda ketika menyangkut situs web dan layanan cloud.
|
||||
|
||||
## Avoid New Accounts
|
||||
## Hindari Akun Baru
|
||||
|
||||
As the old saying goes, "an ounce of prevention is worth a pound of cure." Whenever you feel tempted to sign up for a new account, ask yourself, "Do I really need this? Can I accomplish what I need to without an account?" It can often be much harder to delete an account than to create one. And even after deleting or changing the info on your account, there might be a cached version from a third-party—like the [Internet Archive](https://archive.org/). Avoid the temptation when you're able to—your future self will thank you!
|
||||
Seperti kata pepatah lama, "satu ons pencegahan sebanding dengan satu pon pengobatan." Kapan pun Anda merasa tergoda untuk mendaftar akun baru, tanyakan pada diri sendiri, "Apakah saya benar-benar membutuhkan ini? Dapatkah saya menyelesaikan apa yang saya butuhkan tanpa akun?" Menghapus akun sering kali lebih sulit daripada membuat akun. Dan bahkan setelah menghapus atau mengubah informasi di akun Anda, mungkin ada versi cache dari pihak ketiga-seperti [Internet Archive](https://archive.org/). Avoid the temptation when you're able to—your future self will thank you!
|
||||
|
||||
@@ -1,41 +1,41 @@
|
||||
---
|
||||
title: Email Security
|
||||
title: Keamanan Email
|
||||
icon: material/email
|
||||
description: Email is inherently insecure in many ways, and these are some of the reasons it isn't our top choice for secure communications.
|
||||
description: Email pada dasarnya tidak aman dalam banyak hal, dan ini adalah beberapa alasan mengapa email bukanlah pilihan utama kami untuk komunikasi yang aman.
|
||||
---
|
||||
|
||||
Email is an insecure form of communication by default. You can improve your email security with tools such as OpenPGP, which add End-to-End Encryption to your messages, but OpenPGP still has a number of drawbacks compared to encryption in other messaging applications, and some email data can never be encrypted inherently due to how email is designed.
|
||||
Email adalah bentuk komunikasi yang tidak aman secara default. Anda bisa meningkatkan keamanan email Anda dengan alat seperti OpenPGP, yang menambahkan Enkripsi End-to-End pada pesan Anda, tetapi OpenPGP masih memiliki sejumlah kekurangan dibandingkan dengan enkripsi pada aplikasi perpesanan lainnya, dan beberapa data email tidak pernah bisa dienkripsi secara inheren karena bagaimana email dirancang.
|
||||
|
||||
As a result, email is best used for receiving transactional emails (like notifications, verification emails, password resets, etc.) from the services you sign up for online, not for communicating with others.
|
||||
Akibatnya, email paling baik digunakan untuk menerima email transaksional (seperti pemberitahuan, email verifikasi, pengaturan ulang kata sandi, dll.) dari layanan yang Anda daftarkan secara online, bukan untuk berkomunikasi dengan orang lain.
|
||||
|
||||
## Email Encryption Overview
|
||||
|
||||
The standard way to add E2EE to emails between different email providers is by using OpenPGP. There are different implementations of the OpenPGP standard, the most common being [GnuPG](https://en.wikipedia.org/wiki/GNU_Privacy_Guard) and [OpenPGP.js](https://openpgpjs.org).
|
||||
Cara standar untuk menambahkan E2EE ke email antara penyedia email yang berbeda adalah dengan menggunakan OpenPGP. Ada beberapa implementasi yang berbeda dari standar OpenPGP, yang paling umum adalah [GnuPG](https://en.wikipedia.org/wiki/GNU_Privacy_Guard) dan [OpenPGP.js](https://openpgpjs.org).
|
||||
|
||||
There is another standard which is popular with business called [S/MIME](https://en.wikipedia.org/wiki/S/MIME), however, it requires a certificate issued from a [Certificate Authority](https://en.wikipedia.org/wiki/Certificate_authority) (not all of them issue S/MIME certificates). It has support in [Google Workplace](https://support.google.com/a/topic/9061730?hl=en&ref_topic=9061731) and [Outlook for Web or Exchange Server 2016, 2019](https://support.office.com/en-us/article/encrypt-messages-by-using-s-mime-in-outlook-on-the-web-878c79fc-7088-4b39-966f-14512658f480).
|
||||
Ada standar lain yang populer di kalangan bisnis yang disebut [S/MIME](https://en.wikipedia.org/wiki/S/MIME), namun standar ini membutuhkan sertifikat yang dikeluarkan dari [Certificate Authority](https://en.wikipedia.org/wiki/Certificate_authority) (tidak semua dari mereka mengeluarkan sertifikat S/MIME). Ini memiliki dukungan di [Google Workplace](https://support.google.com/a/topic/9061730?hl=en&ref_topic=9061731) dan [Outlook untuk Web atau Exchange Server 2016, 2019](https://support.office.com/en-us/article/encrypt-messages-by-using-s-mime-in-outlook-on-the-web-878c79fc-7088-4b39-966f-14512658f480).
|
||||
|
||||
Even if you use OpenPGP, it does not support [forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy), which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. This is why we recommend [instant messengers](../real-time-communication.md) which implement forward secrecy over email for person-to-person communications whenever possible.
|
||||
Bahkan jika Anda menggunakan OpenPGP, ia tidak mendukung kerahasiaan [forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy), yang berarti jika kunci privat Anda atau penerima dicuri, semua pesan sebelumnya yang dienkripsi dengan kunci tersebut akan terekspos. Inilah sebabnya mengapa kami merekomendasikan [instant messenger](../real-time-communication.md) yang menerapkan kerahasiaan ke depan melalui email untuk komunikasi orang-ke-orang bila memungkinkan.
|
||||
|
||||
### What Email Clients Support E2EE?
|
||||
### Klien Email Apa yang Mendukung E2EE?
|
||||
|
||||
Email providers which allow you to use standard access protocols like IMAP and SMTP can be used with any of the [email clients we recommend](../email-clients.md). Depending on the authentication method, this may lead to the decrease security if either the provider or the email client does not support OATH or a bridge application as [multi-factor authentication](multi-factor-authentication.md) is not possible with plain password authentication.
|
||||
Penyedia email yang memungkinkan Anda menggunakan protokol akses standar seperti IMAP dan SMTP dapat digunakan dengan salah satu klien email [yang kami rekomendasikan](../email-clients.md). Tergantung pada metode otentikasi, ini dapat menyebabkan penurunan keamanan jika baik penyedia atau klien email tidak mendukung SUMPAH atau aplikasi jembatan sebagai [otentikasi multi-faktor](multi-factor-authentication.md) tidak mungkin dengan otentikasi kata sandi biasa.
|
||||
|
||||
### How Do I Protect My Private Keys?
|
||||
### Bagaimana Cara Melindungi Kunci Pribadi Saya?
|
||||
|
||||
A smartcard (such as a [Yubikey](https://support.yubico.com/hc/en-us/articles/360013790259-Using-Your-YubiKey-with-OpenPGP) or [Nitrokey](https://www.nitrokey.com)) works by receiving an encrypted email message from a device (phone, tablet, computer, etc) running an email/webmail client. The message is then decrypted by the smartcard and the decrypted content is sent back to the device.
|
||||
Smartcard (seperti [Yubikey](https://support.yubico.com/hc/en-us/articles/360013790259-Using-Your-YubiKey-with-OpenPGP) atau [Nitrokey](https://www.nitrokey.com)) bekerja dengan menerima pesan email terenkripsi dari perangkat (ponsel, tablet, komputer, dll) yang menjalankan klien email/webmail. Pesan tersebut kemudian didekripsi oleh smartcard dan konten yang telah didekripsi dikirim kembali ke perangkat.
|
||||
|
||||
It is advantageous for the decryption to occur on the smartcard so as to avoid possibly exposing your private key to a compromised device.
|
||||
Hal ini menguntungkan untuk dekripsi terjadi pada smartcard sehingga untuk menghindari kemungkinan mengekspos kunci pribadi Anda ke perangkat dikompromikan.
|
||||
|
||||
## Email Metadata Overview
|
||||
|
||||
Email metadata is stored in the [message header](https://en.wikipedia.org/wiki/Email#Message_header) of the email message and includes some visible headers that you may have seen such as: `To`, `From`, `Cc`, `Date`, `Subject`. There are also a number of hidden headers included by many email clients and providers that can reveal information about your account.
|
||||
Email metadata is stored in the [message header](https://en.wikipedia.org/wiki/Email#Message_header) of the email message and includes some visible headers that you may have seen such as: `To`, `From`, `Cc`, `Date`, `Subject`. Ada juga sejumlah header tersembunyi yang disertakan oleh banyak klien dan penyedia email yang dapat mengungkapkan informasi tentang akun Anda.
|
||||
|
||||
Client software may use email metadata to show who a message is from and what time it was received. Servers may use it to determine where an email message must be sent, among [other purposes](https://en.wikipedia.org/wiki/Email#Message_header) which are not always transparent.
|
||||
Perangkat lunak klien dapat menggunakan metadata email untuk menunjukkan dari siapa pesan itu berasal dan jam berapa diterima. Servers may use it to determine where an email message must be sent, among [other purposes](https://en.wikipedia.org/wiki/Email#Message_header) which are not always transparent.
|
||||
|
||||
### Who Can View Email Metadata?
|
||||
### Siapa yang Dapat Melihat Metadata Email?
|
||||
|
||||
Email metadata is protected from outside observers with [Opportunistic TLS](https://en.wikipedia.org/wiki/Opportunistic_TLS) protecting it from outside observers, but it is still able to be seen by your email client software (or webmail) and any servers relaying the message from you to any recipients including your email provider. Sometimes email servers will also use third-party services to protect against spam, which generally also have access to your messages.
|
||||
Metadata email dilindungi dari pengamat luar dengan [Opportunistic TLS](https://en.wikipedia.org/wiki/Opportunistic_TLS) melindunginya dari pengamat luar, tetapi masih dapat dilihat oleh perangkat lunak klien email Anda (atau webmail) dan server mana pun yang meneruskan pesan dari Anda ke penerima mana pun, termasuk penyedia email Anda. Terkadang server email juga akan menggunakan layanan pihak ketiga untuk melindungi dari spam, yang umumnya juga memiliki akses ke pesan Anda.
|
||||
|
||||
### Why Can't Metadata be E2EE?
|
||||
### Mengapa Metadata tidak bisa menjadi E2EE?
|
||||
|
||||
Email metadata is crucial to the most basic functionality of email (where it came from, and where it has to go). E2EE was not built into the email protocols originally, instead requiring add-on software like OpenPGP. Because OpenPGP messages still have to work with traditional email providers, it cannot encrypt email metadata, only the message body itself. That means that even when using OpenPGP, outside observers can see lots of information about your messages, such as who you're emailing, the subject lines, when you're emailing, etc.
|
||||
Email metadata is crucial to the most basic functionality of email (where it came from, and where it has to go). E2EE pada awalnya tidak dibangun ke dalam protokol email, melainkan membutuhkan perangkat lunak tambahan seperti OpenPGP. Karena pesan OpenPGP masih harus bekerja dengan penyedia email tradisional, ia tidak dapat mengenkripsi metadata email, hanya isi pesan itu sendiri. Itu berarti bahwa bahkan ketika menggunakan OpenPGP, pengamat luar dapat melihat banyak informasi tentang pesan Anda, seperti siapa yang Anda kirimi email, baris subjek, ketika Anda mengirim email, dll.
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
---
|
||||
title: "Autentikasi Multifaktor"
|
||||
icon: 'material/two-factor-authentication'
|
||||
description: MFA is a critical security mechanism for securing your online accounts, but some methods are stronger than others.
|
||||
description: MFA adalah mekanisme keamanan penting untuk mengamankan akun online Anda, tetapi beberapa metode lebih kuat daripada yang lain.
|
||||
---
|
||||
|
||||
**Multi-Factor Authentication** (**MFA**) is a security mechanism that requires additional steps beyond entering your username (or email) and password. The most common method is time limited codes you might receive from SMS or an app.
|
||||
**Multi-Factor Authentication** (**MFA**) is a security mechanism that requires additional steps beyond entering your username (or email) and password. Metode yang paling umum adalah kode terbatas waktu yang mungkin Anda terima dari SMS atau aplikasi.
|
||||
|
||||
Normally, if a hacker (or adversary) is able to figure out your password then they’d gain access to the account that password belongs to. An account with MFA forces the hacker to have both the password (something you *know*) and a device that you own (something you *have*), like your phone.
|
||||
Biasanya, jika seorang peretas (atau musuh) dapat mengetahui kata sandi Anda, maka mereka akan mendapatkan akses ke akun milik kata sandi tersebut. An account with MFA forces the hacker to have both the password (something you *know*) and a device that you own (something you *have*), like your phone.
|
||||
|
||||
MFA methods vary in security, but are based on the premise that the more difficult it is for an attacker to gain access to your MFA method, the better. Examples of MFA methods (from weakest to strongest) include SMS, Email codes, app push notifications, TOTP, Yubico OTP and FIDO.
|
||||
|
||||
@@ -14,7 +14,7 @@ MFA methods vary in security, but are based on the premise that the more difficu
|
||||
|
||||
### SMS or Email MFA
|
||||
|
||||
Receiving OTP codes via SMS or email are one of the weaker ways to secure your accounts with MFA. Obtaining a code by email or SMS takes away from the "something you *have*" idea, because there are a variety of ways a hacker could [take over your phone number](https://en.wikipedia.org/wiki/SIM_swap_scam) or gain access to your email without having physical access to any of your devices at all. If an unauthorized person gained access to your email, they would be able to use that access to both reset your password and receive the authentication code, giving them full access to your account.
|
||||
Receiving OTP codes via SMS or email are one of the weaker ways to secure your accounts with MFA. Obtaining a code by email or SMS takes away from the "something you *have*" idea, because there are a variety of ways a hacker could [take over your phone number](https://en.wikipedia.org/wiki/SIM_swap_scam) or gain access to your email without having physical access to any of your devices at all. Jika orang yang tidak berwenang mendapatkan akses ke email Anda, mereka akan dapat menggunakan akses tersebut untuk mengatur ulang kata sandi dan menerima kode autentikasi, sehingga memberikan akses penuh ke akun Anda.
|
||||
|
||||
### Push Notifications
|
||||
|
||||
@@ -22,7 +22,7 @@ Push notification MFA takes the form of a message being sent to an app on your p
|
||||
|
||||
We all make mistakes, and there is the risk that you might accept the login attempt by accident. Push notification login authorizations are typically sent to *all* your devices at once, widening the availability of the MFA code if you have many devices.
|
||||
|
||||
The security of push notification MFA is dependent on both the quality of the app, the server component and the trust of the developer who produces it. Installing an app may also require you to accept invasive privileges that grant access to other data on your device. An individual app also requires that you have a specific app for each service which may not require a password to open, unlike a good TOTP generator app.
|
||||
The security of push notification MFA is dependent on both the quality of the app, the server component and the trust of the developer who produces it. Menginstal aplikasi mungkin juga mengharuskan Anda untuk menerima hak istimewa invasif yang memberikan akses ke data lain pada perangkat Anda. An individual app also requires that you have a specific app for each service which may not require a password to open, unlike a good TOTP generator app.
|
||||
|
||||
### Time-based One-time Password (TOTP)
|
||||
|
||||
|
||||
@@ -1,46 +1,46 @@
|
||||
---
|
||||
title: "Introduction to Passwords"
|
||||
title: "Pengantar Kata Sandi"
|
||||
icon: 'material/form-textbox-password'
|
||||
description: These are some tips and tricks on how to create the strongest passwords and keep your accounts secure.
|
||||
description: Berikut ini adalah beberapa tips dan trik tentang cara membuat kata sandi terkuat dan menjaga akun Anda tetap aman.
|
||||
---
|
||||
|
||||
Passwords are an essential part of our everyday digital lives. We use them to protect our accounts, our devices and our secrets. Despite often being the only thing between us and an adversary who's after our private information, not a lot of thought is put into them, which often leads to people using passwords that can be easily guessed or brute-forced.
|
||||
Kata sandi adalah bagian penting dari kehidupan digital kita sehari-hari. Kami menggunakannya untuk melindungi akun, perangkat, dan rahasia kami. Meskipun sering kali menjadi satu-satunya hal antara kita dan musuh yang mengincar informasi pribadi kita, tidak banyak yang memikirkannya, yang sering kali membuat orang menggunakan kata sandi yang dapat dengan mudah ditebak atau dipaksakan.
|
||||
|
||||
## Best Practices
|
||||
## Praktik Terbaik
|
||||
|
||||
### Use unique passwords for every service
|
||||
### Gunakan kata sandi yang unik untuk setiap layanan
|
||||
|
||||
Imagine this; you sign up for an account with the same e-mail and password on multiple online services. If one of those service providers is malicious, or their service has a data breach that exposes your password in an unencrypted format, all a bad actor would have to do is try that e-mail and password combination across multiple popular services until they get a hit. It doesn't matter how strong that one password is, because they already have it.
|
||||
Bayangkan ini; Anda mendaftar untuk akun dengan email dan kata sandi yang sama pada beberapa layanan daring. Jika salah satu dari penyedia layanan tersebut jahat, atau layanan mereka mengalami pembobolan data yang mengekspos kata sandi Anda dalam format yang tidak terenkripsi, maka yang harus dilakukan oleh pelaku kejahatan adalah mencoba kombinasi email dan kata sandi tersebut pada beberapa layanan populer hingga berhasil. Tidak masalah seberapa kuat satu kata sandi itu, karena mereka sudah memilikinya.
|
||||
|
||||
This is called [credential stuffing](https://en.wikipedia.org/wiki/Credential_stuffing), and it is one of the most common ways that your accounts can be compromised by bad actors. To avoid this, make sure that you never re-use your passwords.
|
||||
Ini disebut [credential stuffing](https://en.wikipedia.org/wiki/Credential_stuffing), dan merupakan salah satu cara paling umum akun Anda dapat disusupi oleh pihak-pihak yang tidak bertanggung jawab. To avoid this, make sure that you never re-use your passwords.
|
||||
|
||||
### Use randomly generated passwords
|
||||
### Gunakan kata sandi yang dibuat secara acak
|
||||
|
||||
==You should **never** rely on yourself to come up with a good password.== We recommend using [randomly generated passwords](#passwords) or [diceware passphrases](#diceware-passphrases) with sufficient entropy to protect your accounts and devices.
|
||||
|
||||
All of our [recommended password managers](../passwords.md) include a built-in password generator that you can use.
|
||||
Semua [pengelola kata sandi yang kami rekomendasikan](../passwords.md) menyertakan pembuat kata sandi bawaan yang dapat Anda gunakan.
|
||||
|
||||
### Rotating Passwords
|
||||
### Memutar Kata Sandi
|
||||
|
||||
You should avoid changing passwords that you have to remember (such as your password manager's master password) too often unless you have reason to believe it has been compromised, as changing it too often exposes you to the risk of forgetting it.
|
||||
|
||||
When it comes to passwords that you don't have to remember (such as passwords stored inside your password manager), if your [threat model](threat-modeling.md) calls for it, we recommend going through important accounts (especially accounts that don't use multi-factor authentication) and changing their password every couple of months, in case they have been compromised in a data breach that hasn't become public yet. Most password managers allow you to set an expiry date for your password to make this easier to manage.
|
||||
When it comes to passwords that you don't have to remember (such as passwords stored inside your password manager), if your [threat model](threat-modeling.md) calls for it, we recommend going through important accounts (especially accounts that don't use multi-factor authentication) and changing their password every couple of months, in case they have been compromised in a data breach that hasn't become public yet. Sebagian besar pengelola kata sandi memungkinkan Anda untuk mengatur tanggal kedaluwarsa untuk kata sandi Anda agar lebih mudah dikelola.
|
||||
|
||||
!!! tip "Checking for data breaches"
|
||||
!!! tip "Memeriksa pelanggaran data"
|
||||
|
||||
If your password manager lets you check for compromised passwords, make sure to do so and promptly change any password that may have been exposed in a data breach. Alternatively, you could follow [Have I Been Pwned's Latest Breaches feed](https://feeds.feedburner.com/HaveIBeenPwnedLatestBreaches) with the help of a [news aggregator](../news-aggregators.md).
|
||||
If your password manager lets you check for compromised passwords, make sure to do so and promptly change any password that may have been exposed in a data breach. Sebagai alternatif, Anda dapat mengikuti [Have I Been Pwned's Latest Breaches feed](https://feeds.feedburner.com/HaveIBeenPwnedLatestBreaches) dengan bantuan [news aggregator](../news-aggregators.md).
|
||||
|
||||
## Creating strong passwords
|
||||
## Membuat kata sandi yang kuat
|
||||
|
||||
### Passwords
|
||||
### Kata sandi
|
||||
|
||||
A lot of services impose certain criteria when it comes to passwords, including a minimum or maximum length, as well as which special characters, if any, can be used. You should use your password manager's built-in password generator to create passwords that are as long and complex as the service will allow by including capitalized and lowercase letters, numbers and special characters.
|
||||
Banyak layanan yang memberlakukan kriteria tertentu dalam hal kata sandi, termasuk panjang minimum atau maksimum, serta karakter khusus apa saja, jika ada, yang dapat digunakan. You should use your password manager's built-in password generator to create passwords that are as long and complex as the service will allow by including capitalized and lowercase letters, numbers and special characters.
|
||||
|
||||
If you need a password you can memorize, we recommend a [diceware passphrase](#diceware-passphrases).
|
||||
Jika Anda memerlukan kata sandi yang dapat Anda hafal, kami merekomendasikan [kata sandi diceware](#diceware-passphrases).
|
||||
|
||||
### Diceware Passphrases
|
||||
|
||||
Diceware is a method for creating passphrases which are easy to remember, but hard to guess.
|
||||
Diceware adalah sebuah metode untuk membuat kata sandi yang mudah diingat, tetapi sulit ditebak.
|
||||
|
||||
Diceware passphrases are a great option when you need to memorize or manually input your credentials, such as for your password manager's master password or your device's encryption password.
|
||||
|
||||
@@ -48,19 +48,19 @@ An example of a diceware passphrase is `viewable fastness reluctant squishy seve
|
||||
|
||||
To generate a diceware passphrase using real dice, follow these steps:
|
||||
|
||||
!!! note
|
||||
!!! catatan
|
||||
|
||||
These instructions assume that you are using [EFF's large wordlist](https://www.eff.org/files/2016/07/18/eff_large_wordlist.txt) to generate the passphrase, which requires five dice rolls per word. Other wordlists may require more or less rolls per word, and may require a different amount of words to achieve the same entropy.
|
||||
|
||||
1. Roll a six-sided die five times, noting down the number after each roll.
|
||||
1. Lempar dadu enam sisi sebanyak lima kali, catat nomornya setelah setiap lemparan.
|
||||
|
||||
2. As an example, let's say you rolled `2-5-2-6-6`. Look through the [EFF's large wordlist](https://www.eff.org/files/2016/07/18/eff_large_wordlist.txt) for the word that corresponds to `25266`.
|
||||
|
||||
3. You will find the word `encrypt`. Write that word down.
|
||||
3. Anda akan menemukan kata `mengenkripsi`. Tuliskan kata itu.
|
||||
|
||||
4. Repeat this process until your passphrase has as many words as you need, which you should separate with a space.
|
||||
4. Ulangi proses ini hingga kata sandi Anda memiliki kata sebanyak yang Anda butuhkan, yang harus Anda pisahkan dengan spasi.
|
||||
|
||||
!!! warning "Important"
|
||||
!!! peringatan "Penting"
|
||||
|
||||
You should **not** re-roll words until you get a combination of words that appeal to you. The process should be completely random.
|
||||
|
||||
@@ -68,7 +68,7 @@ If you don't have access to or would prefer to not use real dice, you can use yo
|
||||
|
||||
We recommend using [EFF's large wordlist](https://www.eff.org/files/2016/07/18/eff_large_wordlist.txt) to generate your diceware passphrases, as it offers the exact same security as the original list, while containing words that are easier to memorize. There are also [other wordlists in different languages](https://theworld.com/~reinhold/diceware.html#Diceware%20in%20Other%20Languages|outline), if you do not want your passphrase to be in English.
|
||||
|
||||
??? note "Explanation of entropy and strength of diceware passphrases"
|
||||
??? catatan "Penjelasan tentang entropi dan kekuatan frasa sandi diceware"
|
||||
|
||||
To demonstrate how strong diceware passphrases are, we'll use the aforementioned seven word passphrase (`viewable fastness reluctant squishy seventeen shown pencil`) and [EFF's large wordlist](https://www.eff.org/files/2016/07/18/eff_large_wordlist.txt) as an example.
|
||||
|
||||
@@ -82,30 +82,30 @@ We recommend using [EFF's large wordlist](https://www.eff.org/files/2016/07/18/e
|
||||
|
||||
On average, it takes trying 50% of all the possible combinations to guess your phrase. With that in mind, even if your adversary is capable of ~1,000,000,000,000 guesses per second, it would still take them ~27,255,689 years to guess your passphrase. That is the case even if the following things are true:
|
||||
|
||||
- Your adversary knows that you used the diceware method.
|
||||
- Your adversary knows the specific wordlist that you used.
|
||||
- Your adversary knows how many words your passphrase contains.
|
||||
- Musuh Anda tahu bahwa Anda menggunakan metode diceware.
|
||||
- Musuh Anda mengetahui daftar kata tertentu yang Anda gunakan.
|
||||
- Musuh Anda mengetahui berapa banyak kata yang terkandung dalam kata sandi Anda.
|
||||
|
||||
To sum it up, diceware passphrases are your best option when you need something that is both easy to remember *and* exceptionally strong.
|
||||
Singkatnya, kata sandi diceware adalah pilihan terbaik Anda ketika Anda membutuhkan sesuatu yang mudah diingat *dan* sangat kuat.
|
||||
|
||||
## Storing Passwords
|
||||
## Menyimpan Kata Sandi
|
||||
|
||||
### Password Managers
|
||||
### Pengelola Kata Sandi
|
||||
|
||||
The best way to store your passwords is by using a password manager. They allow you to store your passwords in a file or in the cloud and protect them with a single master password. That way, you will only have to remember one strong password, which lets you access the rest of them.
|
||||
Cara terbaik untuk menyimpan kata sandi Anda adalah dengan menggunakan pengelola kata sandi. They allow you to store your passwords in a file or in the cloud and protect them with a single master password. Dengan begitu, Anda hanya perlu mengingat satu kata sandi yang kuat, yang memungkinkan Anda mengakses kata sandi lainnya.
|
||||
|
||||
There are many good options to choose from, both cloud-based and local. Choose one of our recommended password managers and use it to establish strong passwords across all of your accounts. We recommend securing your password manager with a [diceware passphrase](#diceware-passphrases) comprised of at least seven words.
|
||||
There are many good options to choose from, both cloud-based and local. Pilih salah satu pengelola kata sandi yang kami rekomendasikan dan gunakan untuk membuat kata sandi yang kuat di semua akun Anda. We recommend securing your password manager with a [diceware passphrase](#diceware-passphrases) comprised of at least seven words.
|
||||
|
||||
[List of recommended password managers](../passwords.md ""){.md-button}
|
||||
[Daftar pengelola kata sandi yang direkomendasikan](../passwords.md ""){.md-button}
|
||||
|
||||
!!! warning "Don't place your passwords and TOTP tokens inside the same password manager"
|
||||
!!! peringatan "Jangan letakkan kata sandi dan token TOTP Anda di dalam pengelola kata sandi yang sama"
|
||||
|
||||
When using TOTP codes as [multi-factor authentication](../multi-factor-authentication.md), the best security practice is to keep your TOTP codes in a [separate app](../multi-factor-authentication.md#authenticator-apps).
|
||||
|
||||
Storing your TOTP tokens in the same place as your passwords, while convenient, reduces the accounts to a single factor in the event that an adversary gains access to your password manager.
|
||||
|
||||
Furthermore, we do not recommend storing single-use recovery codes in your password manager. Those should be stored separately such as in an encrypted container on an offline storage device.
|
||||
Selain itu, kami tidak menyarankan untuk menyimpan kode pemulihan sekali pakai di pengelola kata sandi Anda. Data tersebut harus disimpan secara terpisah, misalnya dalam wadah terenkripsi pada perangkat penyimpanan offline.
|
||||
|
||||
### Backups
|
||||
### Cadangan
|
||||
|
||||
You should store an [encrypted](../encryption.md) backup of your passwords on multiple storage devices or a cloud storage provider. This can help you access your passwords if something happens to your primary device or the service you are using.
|
||||
You should store an [encrypted](../encryption.md) backup of your passwords on multiple storage devices or a cloud storage provider. Hal ini dapat membantu Anda mengakses kata sandi jika terjadi sesuatu pada perangkat utama atau layanan yang Anda gunakan.
|
||||
|
||||
@@ -1,110 +1,110 @@
|
||||
---
|
||||
title: "Threat Modeling"
|
||||
icon: 'material/target-account'
|
||||
description: Balancing security, privacy, and usability is one of the first and most difficult tasks you'll face on your privacy journey.
|
||||
description: Menyeimbangkan keamanan, privasi, dan kegunaan adalah salah satu tugas pertama dan paling sulit yang akan Anda hadapi dalam perjalanan privasi Anda.
|
||||
---
|
||||
|
||||
Balancing security, privacy, and usability is one of the first and most difficult tasks you'll face on your privacy journey. Everything is a trade-off: The more secure something is, the more restricting or inconvenient it generally is, etc. Often, people find that the problem with the tools they see recommended is that they're just too hard to start using!
|
||||
Menyeimbangkan keamanan, privasi, dan kegunaan adalah salah satu tugas pertama dan paling sulit yang akan Anda hadapi dalam perjalanan privasi Anda. Everything is a trade-off: The more secure something is, the more restricting or inconvenient it generally is, etc. Sering kali, orang menemukan bahwa masalah dengan alat yang mereka lihat direkomendasikan adalah bahwa alat tersebut terlalu sulit untuk mulai digunakan!
|
||||
|
||||
If you wanted to use the **most** secure tools available, you'd have to sacrifice *a lot* of usability. And, even then, ==nothing is ever fully secure.== There's **high** security, but never **full** security. That's why threat models are important.
|
||||
Jika Anda ingin menggunakan **sebagian besar** alat aman yang tersedia, Anda harus mengorbankan *banyak* kegunaan. And, even then, ==nothing is ever fully secure.== There's **high** security, but never **full** security. Itulah mengapa model ancaman itu penting.
|
||||
|
||||
**So, what are these threat models, anyway?**
|
||||
**Jadi, apa saja model ancaman ini?**
|
||||
|
||||
==A threat model is a list of the most probable threats to your security and privacy endeavors.== Since it's impossible to protect yourself against **every** attack(er), you should focus on the **most probable** threats. In computer security, a threat is an event that could undermine your efforts to stay private and secure.
|
||||
==A threat model is a list of the most probable threats to your security and privacy endeavors.== Since it's impossible to protect yourself against **every** attack(er), you should focus on the **most probable** threats. Dalam keamanan komputer, ancaman adalah peristiwa yang dapat merusak upaya Anda untuk tetap pribadi dan aman.
|
||||
|
||||
Focusing on the threats that matter to you narrows down your thinking about the protection you need, so you can choose the tools that are right for the job.
|
||||
|
||||
## Creating Your Threat Model
|
||||
|
||||
To identify what could happen to the things you value and determine from whom you need to protect them, you should answer these five questions:
|
||||
Untuk mengidentifikasi apa yang dapat terjadi pada hal-hal yang Anda hargai dan menentukan siapa yang perlu Anda lindungi, Anda harus menjawab lima pertanyaan berikut:
|
||||
|
||||
1. What do I want to protect?
|
||||
2. Who do I want to protect it from?
|
||||
3. How likely is it that I will need to protect it?
|
||||
4. How bad are the consequences if I fail?
|
||||
5. How much trouble am I willing to go through to try to prevent potential consequences?
|
||||
1. Apa yang ingin saya lindungi?
|
||||
2. Dari siapa saya ingin melindunginya?
|
||||
3. Seberapa besar kemungkinan saya perlu melindunginya?
|
||||
4. Seberapa buruk konsekuensinya jika saya gagal?
|
||||
5. Seberapa besar masalah yang ingin saya hadapi untuk mencoba mencegah konsekuensi yang mungkin terjadi?
|
||||
|
||||
### What do I want to protect?
|
||||
### Apa yang ingin saya lindungi?
|
||||
|
||||
An “asset” is something you value and want to protect. In the context of digital security, ==an asset is usually some kind of information.== For example, your emails, contact lists, instant messages, location, and files are all possible assets. Your devices themselves may also be assets.
|
||||
"Aset" adalah sesuatu yang Anda hargai dan ingin Anda lindungi. Dalam konteks keamanan digital, ==aset biasanya berupa beberapa jenis informasi.== Misalnya, email, daftar kontak, pesan instan, lokasi, dan file Anda adalah aset yang mungkin. Perangkat Anda sendiri juga bisa menjadi aset.
|
||||
|
||||
*Make a list of your assets: data that you keep, where it's kept, who has access to it, and what stops others from accessing it.*
|
||||
*Buatlah daftar aset Anda: data yang Anda simpan, di mana data tersebut disimpan, siapa yang memiliki akses ke data tersebut, dan apa yang mencegah orang lain untuk mengaksesnya.*
|
||||
|
||||
### Who do I want to protect it from?
|
||||
### Dari siapa saya ingin melindunginya?
|
||||
|
||||
To answer this question, it's important to identify who might want to target you or your information. ==A person or entity that poses a threat to your assets is an “adversary”.== Examples of potential adversaries are your boss, your former partner, your business competition, your government, or a hacker on a public network.
|
||||
Untuk menjawab pertanyaan ini, penting untuk mengidentifikasi siapa yang mungkin ingin menargetkan Anda atau informasi Anda. ==Seseorang atau entitas yang menjadi ancaman bagi aset Anda adalah "musuh".== Contoh musuh potensial adalah atasan Anda, mantan mitra Anda, pesaing bisnis Anda, pemerintah Anda, atau peretas di jaringan publik.
|
||||
|
||||
*Make a list of your adversaries or those who might want to get ahold of your assets. Your list may include individuals, a government agency, or corporations.*
|
||||
*Buatlah daftar musuh Anda atau mereka yang mungkin ingin mendapatkan aset Anda. Daftar Anda dapat mencakup individu, lembaga pemerintah, atau perusahaan.*
|
||||
|
||||
Depending on who your adversaries are, under some circumstances, this list might be something you want to destroy after you're done security planning.
|
||||
Tergantung pada siapa musuh Anda, dalam beberapa keadaan, daftar ini mungkin sesuatu yang ingin Anda hancurkan setelah Anda selesai merencanakan keamanan.
|
||||
|
||||
### How likely is it that I will need to protect it?
|
||||
### Seberapa besar kemungkinan saya perlu melindunginya?
|
||||
|
||||
==Risk is the likelihood that a particular threat against a particular asset will actually occur.== It goes hand-in-hand with capability. While your mobile phone provider has the capability to access all of your data, the risk of them posting your private data online to harm your reputation is low.
|
||||
==Risiko adalah kemungkinan bahwa ancaman tertentu terhadap aset tertentu akan benar-benar terjadi.== Hal ini sejalan dengan kemampuan. Meskipun penyedia ponsel Anda memiliki kemampuan untuk mengakses semua data Anda, risiko mereka memposting data pribadi Anda secara online untuk merusak reputasi Anda adalah rendah.
|
||||
|
||||
It is important to distinguish between what might happen and the probability it may happen. For instance, there is a threat that your building might collapse, but the risk of this happening is far greater in San Francisco (where earthquakes are common) than in Stockholm (where they are not).
|
||||
Penting untuk membedakan antara apa yang mungkin terjadi dan probabilitas yang mungkin terjadi. Misalnya, ada ancaman bahwa bangunan Anda mungkin runtuh, tetapi risiko ini terjadi jauh lebih besar di San Francisco (di mana gempa bumi biasa terjadi) daripada di Stockholm (di mana mereka tidak).
|
||||
|
||||
Assessing risks is both a personal and subjective process. Many people find certain threats unacceptable, no matter the likelihood they will occur, because the mere presence of the threat is not worth the cost. In other cases, people disregard high risks because they don't view the threat as a problem.
|
||||
Menilai risiko adalah proses pribadi dan subjektif. Banyak orang yang menganggap ancaman tertentu tidak dapat diterima, tidak peduli seberapa besar kemungkinannya, karena keberadaan ancaman tersebut tidak sebanding dengan biayanya. Dalam kasus lain, orang mengabaikan risiko tinggi karena mereka tidak melihat ancaman tersebut sebagai masalah.
|
||||
|
||||
*Write down which threats you are going to take seriously, and which may be too rare or too harmless (or too difficult to combat) to worry about.*
|
||||
*Tuliskan ancaman mana yang akan Anda anggap serius, dan mana yang mungkin terlalu jarang atau tidak berbahaya (atau terlalu sulit untuk dilawan) untuk dikhawatirkan.*
|
||||
|
||||
### How bad are the consequences if I fail?
|
||||
### Seberapa buruk konsekuensinya jika saya gagal?
|
||||
|
||||
There are many ways that an adversary could gain access to your data. For example, an adversary can read your private communications as they pass through the network, or they can delete or corrupt your data.
|
||||
Ada banyak cara yang dapat dilakukan oleh musuh untuk mendapatkan akses ke data Anda. Misalnya, musuh dapat membaca komunikasi pribadi Anda saat mereka melewati jaringan, atau mereka dapat menghapus atau merusak data Anda.
|
||||
|
||||
==The motives of adversaries differ widely, as do their tactics.== A government trying to prevent the spread of a video showing police violence may be content to simply delete or reduce the availability of that video. In contrast, a political opponent may wish to gain access to secret content and publish that content without you knowing.
|
||||
==Motif pihak-pihak yang berseteru sangat beragam, begitu pula taktik mereka.== Pemerintah yang berusaha mencegah penyebaran video yang menunjukkan kekerasan polisi mungkin akan puas dengan menghapus atau mengurangi ketersediaan video tersebut. Sebaliknya, lawan politik mungkin ingin mendapatkan akses ke konten rahasia dan mempublikasikan konten itu tanpa Anda sadari.
|
||||
|
||||
Security planning involves understanding how bad the consequences could be if an adversary successfully gains access to one of your assets. To determine this, you should consider the capability of your adversary. For example, your mobile phone provider has access to all of your phone records. A hacker on an open Wi-Fi network can access your unencrypted communications. Your government might have stronger capabilities.
|
||||
Perencanaan keamanan melibatkan pemahaman tentang seberapa buruk konsekuensi yang bisa terjadi jika musuh berhasil mendapatkan akses ke salah satu aset Anda. Untuk menentukan ini, Anda harus mempertimbangkan kemampuan lawan Anda. Misalnya, penyedia ponsel Anda memiliki akses ke semua catatan telepon Anda. Peretas di jaringan Wi-Fi terbuka dapat mengakses komunikasi Anda yang tidak terenkripsi. Pemerintah Anda mungkin memiliki kemampuan yang lebih kuat.
|
||||
|
||||
*Write down what your adversary might want to do with your private data.*
|
||||
*Tuliskan apa yang mungkin ingin dilakukan lawan Anda dengan data pribadi Anda.*
|
||||
|
||||
### How much trouble am I willing to go through to try to prevent potential consequences?
|
||||
### Seberapa besar masalah yang ingin saya hadapi untuk mencoba mencegah konsekuensi yang mungkin terjadi?
|
||||
|
||||
==There is no perfect option for security.== Not everyone has the same priorities, concerns, or access to resources. Your risk assessment will allow you to plan the right strategy for you, balancing convenience, cost, and privacy.
|
||||
==Tidak ada pilihan yang sempurna untuk keamanan.== Tidak semua orang memiliki prioritas, kekhawatiran, atau akses yang sama ke sumber daya. Penilaian risiko Anda akan memungkinkan Anda untuk merencanakan strategi yang tepat untuk Anda, dengan menyeimbangkan kenyamanan, biaya, dan privasi.
|
||||
|
||||
For example, an attorney representing a client in a national security case may be willing to go to greater lengths to protect communications about that case, such as using encrypted email, than a mother who regularly emails her daughter funny cat videos.
|
||||
|
||||
*Write down what options you have available to you to help mitigate your unique threats. Note if you have any financial constraints, technical constraints, or social constraints.*
|
||||
*Tuliskan pilihan apa saja yang tersedia bagi Anda untuk membantu mengurangi ancaman unik Anda. Perhatikan jika Anda memiliki kendala keuangan, kendala teknis, atau kendala sosial.*
|
||||
|
||||
### Try it yourself: Protecting Your Belongings
|
||||
### Cobalah sendiri: Melindungi Barang Milik Anda
|
||||
|
||||
These questions can apply to a wide variety of situations, online and offline. As a generic demonstration of how these questions work, let's build a plan to keep your house and possessions safe.
|
||||
Pertanyaan-pertanyaan ini dapat diterapkan pada berbagai situasi, baik online maupun offline. Sebagai demonstrasi umum tentang bagaimana pertanyaan-pertanyaan ini bekerja, mari kita buat rencana untuk menjaga rumah dan harta benda Anda tetap aman.
|
||||
|
||||
**What do you want to protect? (Or, *what do you have that is worth protecting?*)**
|
||||
**Apa yang ingin Anda lindungi? (Atau, *apa yang Anda miliki yang layak dilindungi?*)**
|
||||
:
|
||||
|
||||
Your assets might include jewelry, electronics, important documents, or photos.
|
||||
Aset Anda mungkin termasuk perhiasan, barang elektronik, dokumen penting, atau foto.
|
||||
|
||||
**Who do you want to protect it from?**
|
||||
**Anda ingin melindunginya dari siapa?**
|
||||
:
|
||||
|
||||
Your adversaries might include burglars, roommates, or guests.
|
||||
Musuh Anda mungkin termasuk pencuri, teman sekamar, atau tamu.
|
||||
|
||||
**How likely is it that you will need to protect it?**
|
||||
**Seberapa besar kemungkinan Anda perlu melindunginya?**
|
||||
:
|
||||
|
||||
Does your neighborhood have a history of burglaries? How trustworthy are your roommates or guests? What are the capabilities of your adversaries? What are the risks you should consider?
|
||||
Apakah lingkungan Anda memiliki riwayat pencurian? Seberapa tepercaya teman sekamar atau tamu Anda? Apa saja kemampuan musuh Anda? Apa saja risiko yang harus Anda pertimbangkan?
|
||||
|
||||
**How bad are the consequences if you fail?**
|
||||
**Seberapa buruk konsekuensinya jika Anda gagal?**
|
||||
:
|
||||
|
||||
Do you have anything in your house that you cannot replace? Do you have the time or money to replace those things? Do you have insurance that covers goods stolen from your home?
|
||||
Apakah Anda memiliki sesuatu di rumah Anda yang tidak dapat Anda ganti? Apakah Anda punya waktu atau uang untuk mengganti barang-barang tersebut? Apakah Anda memiliki asuransi yang menanggung barang yang dicuri dari rumah Anda?
|
||||
|
||||
**How much trouble are you willing to go through to prevent these consequences?**
|
||||
**Seberapa besar masalah yang ingin Anda hadapi untuk mencegah konsekuensi ini?**
|
||||
:
|
||||
|
||||
Are you willing to buy a safe for sensitive documents? Can you afford to buy a high-quality lock? Do you have time to open a security box at your local bank and keep your valuables there?
|
||||
Apakah Anda bersedia membeli brankas untuk dokumen sensitif? Apakah Anda mampu membeli kunci berkualitas tinggi? Apakah Anda memiliki waktu untuk membuka kotak penyimpanan di bank setempat dan menyimpan barang berharga Anda di sana?
|
||||
|
||||
Only once you have asked yourself these questions will you be in a position to assess what measures to take. If your possessions are valuable, but the probability of a break-in is low, then you may not want to invest too much money in a lock. But, if the probability of a break-in is high, you'll want to get the best lock on the market and consider adding a security system.
|
||||
Hanya setelah Anda mengajukan pertanyaan-pertanyaan ini kepada diri Anda sendiri, Anda akan dapat menilai tindakan apa yang harus diambil. Jika harta benda Anda berharga, tetapi kemungkinan pembobolan rendah, maka Anda mungkin tidak ingin menginvestasikan terlalu banyak uang untuk sebuah kunci. Namun, jika kemungkinan terjadinya pembobolan cukup besar, Anda sebaiknya membeli kunci terbaik di pasaran dan mempertimbangkan untuk menambahkan sistem keamanan.
|
||||
|
||||
Making a security plan will help you to understand the threats that are unique to you and to evaluate your assets, your adversaries, and your adversaries' capabilities, along with the likelihood of risks you face.
|
||||
Membuat rencana keamanan akan membantu Anda memahami ancaman yang unik bagi Anda dan mengevaluasi aset Anda, musuh Anda, dan kemampuan musuh Anda, serta kemungkinan risiko yang Anda hadapi.
|
||||
|
||||
## Bacaan Lebih Lanjut
|
||||
|
||||
For people looking to increase their privacy and security online, we've compiled a list of common threats our visitors face or goals our visitors have, to give you some inspiration and demonstrate the basis of our recommendations.
|
||||
Bagi orang-orang yang ingin meningkatkan privasi dan keamanan daring mereka, kami telah menyusun daftar ancaman umum yang dihadapi pengunjung kami atau tujuan yang dimiliki pengunjung kami, untuk memberi Anda beberapa inspirasi dan menunjukkan dasar rekomendasi kami.
|
||||
|
||||
- [Common Goals and Threats :material-arrow-right-drop-circle:](common-threats.md)
|
||||
- [Tujuan dan Ancaman Umum :material-arrow-right-drop-circle:](common-threats.md)
|
||||
|
||||
## Sources
|
||||
## Sumber
|
||||
|
||||
- [EFF Surveillance Self Defense: Your Security Plan](https://ssd.eff.org/en/module/your-security-plan)
|
||||
- [Ef Surveillance Self Defense: Rencana Keamanan Anda](https://ssd.eff.org/en/module/your-security-plan)
|
||||
|
||||
@@ -6,72 +6,72 @@ description: Virtual Private Networks mengalihkan risiko dari ISP Anda ke pihak
|
||||
|
||||
Virtual Private Networks adalah cara untuk memperluas ujung jaringan Anda untuk keluar ke tempat lain di dunia. ISP dapat melihat arus lalu lintas internet yang masuk dan keluar dari perangkat terminasi jaringan Anda (misalnya modem).
|
||||
|
||||
Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
|
||||
Protokol enkripsi seperti HTTPS umumnya digunakan di internet, jadi mereka mungkin tidak dapat melihat dengan tepat apa yang Anda posting atau baca, tetapi mereka dapat mengetahui [domain yang Anda minta](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
|
||||
|
||||
A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
|
||||
VPN dapat membantu karena dapat mengalihkan kepercayaan ke server di tempat lain di dunia. Akibatnya, ISP kemudian hanya melihat bahwa Anda tersambung ke VPN dan tidak ada aktivitas apa pun yang Anda kirimkan ke VPN tersebut.
|
||||
|
||||
## Should I use a VPN?
|
||||
## Haruskah saya menggunakan VPN?
|
||||
|
||||
**Yes**, unless you are already using Tor. A VPN does two things: shifting the risks from your Internet Service Provider to itself and hiding your IP from a third-party service.
|
||||
**Ya**, kecuali Anda sudah menggunakan Tor. VPN melakukan dua hal: mengalihkan risiko dari Penyedia Layanan Internet Anda ke dirinya sendiri dan menyembunyikan IP Anda dari layanan pihak ketiga.
|
||||
|
||||
VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
|
||||
VPN tidak dapat mengenkripsi data di luar koneksi antara perangkat Anda dan server VPN. Penyedia VPN dapat melihat dan memodifikasi lalu lintas Anda dengan cara yang sama seperti yang dilakukan ISP Anda. Dan tidak ada cara untuk memverifikasi kebijakan "tanpa pencatatan" dari penyedia VPN dengan cara apa pun.
|
||||
|
||||
However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
|
||||
Namun, mereka menyembunyikan IP Anda yang sebenarnya dari layanan pihak ketiga, asalkan tidak ada kebocoran IP. Mereka membantu Anda berbaur dengan orang lain dan mengurangi pelacakan berbasis IP.
|
||||
|
||||
## When shouldn't I use a VPN?
|
||||
## Kapan sebaiknya saya tidak menggunakan VPN?
|
||||
|
||||
Using a VPN in cases where you're using your [known identity](common-threats.md#common-misconceptions) is unlikely be useful.
|
||||
Menggunakan VPN jika Anda menggunakan [identitas yang diketahui](common-threats.md#common-misconceptions) kemungkinan tidak akan berguna.
|
||||
|
||||
Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
Melakukan hal itu dapat memicu sistem deteksi spam dan penipuan, seperti jika Anda masuk ke situs web bank Anda.
|
||||
|
||||
## What about encryption?
|
||||
## Bagaimana dengan enkripsi?
|
||||
|
||||
Encryption offered by VPN providers are between your devices and their servers. It guarantees that this specific link is secure. This is a step up from using unencrypted proxies where an adversary on the network can intercept the communications between your devices and said proxies and modify them. However, encryption between your apps or browsers with the service providers are not handled by this encryption.
|
||||
Enkripsi yang ditawarkan oleh penyedia VPN berada di antara perangkat Anda dan server mereka. Ini menjamin bahwa tautan khusus ini aman. Ini merupakan langkah maju dari penggunaan proxy yang tidak terenkripsi, di mana pihak yang tidak bertanggung jawab dalam jaringan dapat mencegat komunikasi antara perangkat Anda dan proxy tersebut dan memodifikasinya. Namun, enkripsi antara aplikasi atau browser Anda dengan penyedia layanan tidak ditangani oleh enkripsi ini.
|
||||
|
||||
In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider. Consider enabling "HTTPS everywhere" in your browser to mitigate downgrade attacks like [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
|
||||
Untuk menjaga agar apa yang Anda lakukan di situs web yang Anda kunjungi tetap privat dan aman, Anda harus menggunakan HTTPS. Ini akan menjaga kata sandi, token sesi, dan kueri Anda aman dari penyedia VPN. Pertimbangkan untuk mengaktifkan "HTTPS di mana saja" di peramban Anda untuk mengurangi serangan downgrade seperti [SSL Strip](https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf).
|
||||
|
||||
## Should I use encrypted DNS with a VPN?
|
||||
## Haruskah saya menggunakan DNS terenkripsi dengan VPN?
|
||||
|
||||
Unless your VPN provider hosts the encrypted DNS servers, **no**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust and does **absolutely nothing** to improve your privacy/security. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. Instead of just trusting your VPN provider, you are now trusting both the VPN provider and the DNS provider.
|
||||
Unless your VPN provider hosts the encrypted DNS servers, **no**. Menggunakan DOH/DOT (atau bentuk lain dari DNS terenkripsi) dengan server pihak ketiga hanya akan menambah lebih banyak entitas untuk dipercaya dan sama sekali **tidak** meningkatkan privasi/keamanan Anda. Penyedia VPN Anda masih dapat melihat situs web mana yang Anda kunjungi berdasarkan alamat IP dan metode lainnya. Alih-alih hanya mempercayai penyedia VPN Anda, Anda sekarang mempercayai penyedia VPN dan penyedia DNS.
|
||||
|
||||
A common reason to recommend encrypted DNS is that it helps against DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
|
||||
A common reason to recommend encrypted DNS is that it helps against DNS spoofing. Namun, peramban Anda seharusnya sudah memeriksa [sertifikat TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) dengan **HTTPS** dan memperingatkan Anda tentang hal itu. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
|
||||
|
||||
Needless to say, **you shouldn't use encrypted DNS with Tor**. This would direct all of your DNS requests through a single circuit and would allow the encrypted DNS provider to deanonymize you.
|
||||
Tidak perlu dikatakan lagi, **Anda tidak boleh menggunakan DNS terenkripsi dengan Tor**. Ini akan mengarahkan semua permintaan DNS Anda melalui satu sirkuit dan memungkinkan penyedia DNS terenkripsi untuk mendeanonimkan Anda.
|
||||
|
||||
## Should I use Tor *and* a VPN?
|
||||
## Haruskah saya menggunakan Tor *dan* VPN?
|
||||
|
||||
By using a VPN with Tor, you're creating essentially a permanent entry node, often with a money trail attached. This provides zero additional benefits to you, while increasing the attack surface of your connection dramatically. If you wish to hide your Tor usage from your ISP or your government, Tor has a built-in solution for that: Tor bridges. [Read more about Tor bridges and why using a VPN is not necessary](../advanced/tor-overview.md).
|
||||
Dengan menggunakan VPN dengan Tor, Anda pada dasarnya menciptakan simpul masuk permanen, sering kali dengan jejak uang yang melekat. Ini tidak memberikan manfaat tambahan apa pun bagi Anda, sekaligus meningkatkan permukaan serangan koneksi Anda secara dramatis. Jika Anda ingin menyembunyikan penggunaan Tor Anda dari ISP atau pemerintah Anda, Tor memiliki solusi bawaan untuk itu: Jembatan Tor. [Baca lebih lanjut tentang jembatan Tor dan mengapa menggunakan VPN tidak diperlukan](../advanced/tor-overview.md).
|
||||
|
||||
## What if I need anonymity?
|
||||
## Bagaimana jika saya membutuhkan anonimitas?
|
||||
|
||||
VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
|
||||
VPN tidak dapat memberikan anonimitas. Penyedia VPN Anda masih akan melihat alamat IP asli Anda, dan sering memiliki jejak uang yang dapat dihubungkan langsung kembali kepada Anda. Anda tidak dapat mengandalkan kebijakan "tanpa pencatatan" untuk melindungi data Anda. Gunakan [Tor](https://www.torproject.org/) sebagai gantinya.
|
||||
|
||||
## What about VPN providers that provide Tor nodes?
|
||||
|
||||
Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
|
||||
Jangan gunakan fitur tersebut. Inti dari penggunaan Tor adalah Anda tidak mempercayai penyedia VPN Anda. Saat ini Tor hanya mendukung protokol [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol). [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (digunakan di [WebRTC](https://en.wikipedia.org/wiki/WebRTC) untuk berbagi suara dan video, protokol [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) yang baru, dll), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) dan paket-paket lainnya akan dibatalkan. Untuk mengimbangi hal ini, penyedia VPN biasanya akan merutekan semua paket non-TCP melalui server VPN mereka (loncatan pertama Anda). Ini adalah kasus pada [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Selain itu, ketika menggunakan pengaturan Tor melalui VPN ini, Anda tidak memiliki kendali atas fitur Tor penting lainnya seperti [Alamat Tujuan Terisolasi](https://www.whonix.org/wiki/Stream_Isolation) (menggunakan sirkuit Tor yang berbeda untuk setiap domain yang Anda kunjungi).
|
||||
|
||||
The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
|
||||
Fitur ini harus dilihat sebagai cara yang nyaman untuk mengakses Jaringan Tor, bukan untuk tetap anonim. Untuk anonimitas yang tepat, gunakan Tor Browser, TorSocks, atau gateway Tor.
|
||||
|
||||
## When are VPNs useful?
|
||||
## Kapan VPN berguna?
|
||||
|
||||
A VPN may still be useful to you in a variety of scenarios, such as:
|
||||
VPN mungkin masih berguna bagi Anda dalam berbagai skenario, seperti:
|
||||
|
||||
1. Hiding your traffic from **only** your Internet Service Provider.
|
||||
1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
|
||||
1. Hiding your IP from third-party websites and services, preventing IP based tracking.
|
||||
1. Menyembunyikan lalu lintas Anda dari **hanya** Penyedia Layanan Internet Anda.
|
||||
1. Menyembunyikan unduhan Anda (seperti torrent) dari ISP dan organisasi anti-pembajakan.
|
||||
1. Menyembunyikan IP Anda dari situs web dan layanan pihak ketiga, mencegah pelacakan berbasis IP.
|
||||
|
||||
For situations like these, or if you have another compelling reason, the VPN providers we listed above are who we think are the most trustworthy. However, using a VPN provider still means you're *trusting* the provider. In pretty much any other scenario you should be using a secure**-by-design** tool such as Tor.
|
||||
Untuk situasi seperti ini, atau jika Anda memiliki alasan kuat lainnya, penyedia VPN yang kami sebutkan di atas adalah yang menurut kami paling dapat dipercaya. Namun, menggunakan penyedia VPN masih berarti Anda *mempercayai* penyedia. Dalam hampir semua skenario lain, Anda sebaiknya menggunakan alat**-by-design** yang aman seperti Tor.
|
||||
|
||||
## Sources and Further Reading
|
||||
## Sumber dan Bacaan Lebih Lanjut
|
||||
|
||||
1. [VPN - a Very Precarious Narrative](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) by Dennis Schubert
|
||||
1. [VPN - Narasi yang Sangat Genting](https://schub.io/blog/2019/04/08/very-precarious-narrative.html) oleh Dennis Schubert
|
||||
1. [Tor Network Overview](../advanced/tor-overview.md)
|
||||
1. [IVPN Privacy Guides](https://www.ivpn.net/privacy-guides)
|
||||
1. ["Do I need a VPN?"](https://www.doineedavpn.com), a tool developed by IVPN to challenge aggressive VPN marketing by helping individuals decide if a VPN is right for them.
|
||||
1. ["Apakah saya memerlukan VPN?"](https://www.doineedavpn.com)sebuah alat yang dikembangkan oleh IVPN untuk menantang pemasaran VPN yang agresif dengan membantu individu memutuskan apakah VPN tepat untuk mereka.
|
||||
|
||||
## Related VPN Information
|
||||
## Informasi VPN Terkait
|
||||
|
||||
- [The Trouble with VPN and Privacy Review Sites](https://blog.privacyguides.org/2019/11/20/the-trouble-with-vpn-and-privacy-review-sites/)
|
||||
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
|
||||
- [Masalah dengan VPN dan Situs Ulasan Privasi](https://blog.privacyguides.org/2019/11/20/the-trouble-with-vpn-and-privacy-review-sites/)
|
||||
- [Investigasi Aplikasi VPN Gratis](https://www.top10vpn.com/free-vpn-app-investigation/)
|
||||
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
|
||||
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
|
||||
- [Perusahaan Tiongkok ini diam-diam berada di balik 24 aplikasi populer yang meminta izin berbahaya](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
|
||||
|
||||
Reference in New Issue
Block a user