privacyguides/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-10-16 04:32:11 +00:00
Code Issues Activity

New Crowdin Translations (#2074)

Browse Source 
Signed-off-by: Daniel Gray <dngray@privacyguides.org>
This commit is contained in:
Crowdin Bot
2023-03-11 14:57:24 +00:00
committed by Daniel Gray
parent 5bad28ff6d
commit 9e35e2ef8a
1509 changed files with 27318 additions and 12041 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
i18n/pt-BR/404.md
View File

@@ -1,6 +1,10 @@
---
hide:
- feedback
meta:
-
property: "robots"
content: "noindex, nofollow"
---
# 404 - Não encontrado
@@ -13,5 +17,3 @@ Não conseguimos encontrar a página que você estava procurando! Talvez você e
- [Melhores serviços de VPN](vpn.md)
- [Fórum do Privacy Guides](https://discuss.privacyguides.net)
- [Nosso Blog](https://blog.privacyguides.org)
--8<-- "includes/abbreviations.pt-BR.txt"

2
i18n/pt-BR/about/criteria.md
View File

@@ -38,5 +38,3 @@ We have these requirements in regard to developers which wish to submit their pr
- Must state what the exact threat model is with their project.
- It should be clear to potential users what the project can provide, and what it cannot.
--8<-- "includes/abbreviations.pt-BR.txt"

2
i18n/pt-BR/about/donate.md
View File

@@ -48,5 +48,3 @@ Nós hospedamos [serviços de internet](https://privacyguides.net) para teste e
Ocasionamente adquirimos produtos e serviços com o propósito de testar as nossas [ferramentas recomendadas](../tools.md).
Ainda estamos a trabalhar com o nosso anfitrião fiscal (a Open Collective Foundation) para receber doações em criptomoeda. No momento a contabilidade não é viável para muitas transações menores, mas isso deve mudar no futuro. Enquanto isso, se você deseja fazer uma doação de criptomoeda considerável (> $100), entre em contato com [jonah@privacyguides.org](mailto:jonah@privacyguides.org).
--8<-- "includes/abbreviations.pt-BR.txt"

38
i18n/pt-BR/about/index.md
View File

@@ -1,10 +1,38 @@
---
template: schema.html
title: "About Privacy Guides"
description: Privacy Guides is a socially motivated website that provides information for protecting your data security and privacy.
---
**Privacy Guides** is a socially motivated website that provides information for protecting your data security and privacy. We are a non-profit collective operated entirely by volunteer [team members](https://discuss.privacyguides.net/g/team) and contributors.
![Privacy Guides logo](../assets/brand/png/square/pg-yellow.png){ align=right }
[:material-hand-coin-outline: Support the project](donate.md ""){.md-button.md-button--primary}
**Privacy Guides** is a socially motivated website that provides [information](/kb) for protecting your data security and privacy. We are a non-profit collective operated entirely by volunteer [team members](https://discuss.privacyguides.net/g/team) and contributors. Our website is free of advertisements and not affiliated with any listed providers.
[:octicons-home-16:](https://www.privacyguides.org/){ .card-link title=Homepage }
[:octicons-code-16:](https://github.com/privacyguides/privacyguides.org){ .card-link title="Source Code" }
[:octicons-heart-16:](donate.md){ .card-link title=Contribute }
The purpose of Privacy Guides is to educate our community on the importance of privacy online and government programs internationally that are designed to monitor all of your online activities.
> To find [privacy-focused alternative] apps, check out sites like Good Reports and **Privacy Guides**, which list privacy-focused apps in a variety of categories, notably including email providers (usually on paid plans) that arent run by the big tech companies.
— [New York Times](https://www.nytimes.com/wirecutter/guides/online-security-social-media-privacy/)
> If you're looking for a new VPN, you can go to the discount code of just about any podcast. If you are looking for a **good** VPN, you need professional help. The same goes for email clients, browsers, operating systems and password managers. How do you know which of these is the best, most privacy-friendly option? For that there is **Privacy Guides**, a platform on which a number of volunteers search day in, day out for the best privacy-friendly tools to use on the internet.
— [Tweakers.net](https://tweakers.net/reviews/10568/op-zoek-naar-privacyvriendelijke-tools-niek-de-wilde-van-privacy-guides.html) [Translated from Dutch]
Also featured on: [Ars Technica](https://arstechnica.com/gadgets/2022/02/is-firefox-ok/), [Wirecutter](https://www.nytimes.com/wirecutter/guides/practical-guide-to-securing-windows-pc/) [[2](https://www.nytimes.com/wirecutter/guides/practical-guide-to-securing-your-mac/)], and [Wired](https://www.wired.com/story/firefox-mozilla-2022/).
## History
Privacy Guides was launched in September 2021 as a continuation of the [defunct](privacytools.md) "PrivacyTools" open-source educational project. We recognized the importance of independent, criteria-focused product recommendations and general knowledge in the privacy space, which is why we needed to preserve the work that had been created by so many contributors since 2015 and make sure that information had a stable home on the web indefinitely.
In 2022, we completed the transition of our main website framework from Jekyll to MkDocs, using the `mkdocs-material` documentation software. This change made open-source contributions to our site significantly easier for outsiders, because instead of needing to know complicated syntax to write posts effectively, contributing is now as easy as writing a standard Markdown document.
We additionally launched our new discussion forum at [discuss.privacyguides.net](https://discuss.privacyguides.net/) as a community platform to share ideas and ask questions about our mission. This augments our existing community on Matrix, and replaced our previous GitHub Discussions platform, decreasing our reliance on proprietary discussion platforms.
So far in 2023 we've launched international translations of our website in [French](/fr/), [Hebrew](/he/), and [Dutch](/nl/), with more languages on the way, made possible by our excellent translation team on [Crowdin](https://crowdin.com/project/privacyguides). We plan to continue carrying forward our mission of outreach and education, and finding ways to more clearly highlight the dangers of a lack of privacy awareness in the modern digital age, and the prevalence and harms of security breaches across the technology industry.
## Our Team
@@ -48,9 +76,9 @@ title: "About Privacy Guides"
- [:simple-github: GitHub](https://github.com/hook9 "@hook9")
- [:simple-mastodon: Mastodon](https://mastodon.neat.computer/@oliviablob "@oliviablob@neat.computer"){rel=me}
Additionally, [many people](https://github.com/privacyguides/privacyguides.org/graphs/contributors) have made contributions to the project. You can too, we're open sourced on GitHub!
Additionally, [many people](https://github.com/privacyguides/privacyguides.org/graphs/contributors) have made contributions to the project. You can too, we're open sourced on GitHub, and accepting translation suggestions on [Crowdin](https://crowdin.com/project/privacyguides).
Our team members review all changes made to the website and handle administrative duties such as web hosting and financials, however they do not personally profit from any contributions made to this site. Our financials are transparently hosted by the Open Collective Foundation 501(c)(3) at [opencollective.com/privacyguides](https://opencollective.com/privacyguides). Donations to Privacy Guides are generally tax deductible in the United States.
Our team members review all changes made to the website and handle administrative duties such as web hosting and financials, however they do not personally profit from any contributions made to this site. Our financials are transparently hosted by the Open Collective Foundation 501(c)(3) at [opencollective.com/privacyguides](https://opencollective.com/privacyguides). Donations to Privacy Guides are generally tax-deductible in the United States.
## Site License
@@ -59,5 +87,3 @@ Our team members review all changes made to the website and handle administrativ
:fontawesome-brands-creative-commons: :fontawesome-brands-creative-commons-by: :fontawesome-brands-creative-commons-nd: Unless otherwise noted, the original content on this website is made available under the [Creative Commons Attribution-NoDerivatives 4.0 International Public License](https://github.com/privacyguides/privacyguides.org/blob/main/LICENSE). This means that you are free to copy and redistribute the material in any medium or format for any purpose, even commercially; as long as you give appropriate credit to `Privacy Guides (www.privacyguides.org)` and provide a link to the license. You may do so in any reasonable manner, but not in any way that suggests Privacy Guides endorses you or your use. If you remix, transform, or build upon the content of this website, you may not distribute the modified material.
This license is in place to prevent people from sharing our work without giving proper credit, and to prevent people from modifying our work in a way that could be used to mislead people. If you find the terms of this license too restrictive for the project you're working on, please reach out to us at `jonah@privacyguides.org`. We are happy to provide alternative licensing options for well-intentioned projects in the privacy space!
--8<-- "includes/abbreviations.pt-BR.txt"

2
i18n/pt-BR/about/notices.md
View File

@@ -41,5 +41,3 @@ You must not conduct any systematic or automated data collection activities on o
* Scraping
* Mineração de dados
* 'Framing' (IFrames)
--8<-- "includes/abbreviations.pt-BR.txt"

14
i18n/pt-BR/about/privacy-policy.md
View File

@@ -1,5 +1,5 @@
---
title: "Privacy Policy"
title: "Política de Privacidade"
---
Privacy Guides is a community project operated by a number of active volunteer contributors. The public list of team members [can be found on GitHub](https://github.com/orgs/privacyguides/people).
@@ -8,12 +8,12 @@ Privacy Guides is a community project operated by a number of active volunteer c
The privacy of our website visitors is important to us, so we do not track any individual people. As a visitor to our website:
- No personal information is collected
- Nenhuma informação pessoal é coletada
- No information such as cookies are stored in the browser
- No information is shared with, sent to or sold to third-parties
- No information is shared with advertising companies
- No information is mined and harvested for personal and behavioral trends
- No information is monetized
- Nenhuma informação é monetizada
You can view the data we collect on our [statistics](statistics.md) page.
@@ -29,7 +29,7 @@ To sign up for most accounts, we will collect a name, username, email, and passw
We use your account data to identify you on the website and to create pages specific to you, such as your profile page. We will also use your account data to publish a public profile for you on our services.
We use your email to:
Nós usamos o seu e-mail para:
- Notify you about posts and other activity on the websites or services.
- Reset your password and help keep your account secure.
@@ -40,7 +40,7 @@ On some websites and services you may provide additional information for your ac
We will store your account data as long as your account remains open. After closing an account, we may retain some or all of your account data in the form of backups or archives for up to 90 days.
## Contacting Us
## Fale Conosco
The Privacy Guides team generally does not have access to personal data outside of limited access granted via some moderation panels. Inquiries regarding your personal information should be sent directly to:
@@ -54,10 +54,8 @@ For all other inquiries, you can contact any member of our team.
Para queixas no âmbito da GDPR em geral, você pode apresentar queixas às suas autoridades supervisoras locais de proteção de dados. Na França, é a Commission Nationale de l'Informatique et des Libertés que cuida e lida com as queixas. Eles fornecem um [modelo de carta de reclamação](https://www.cnil.fr/en/plaintes) para usar.
## About This Policy
## Sobre esta Política
We will post any new versions of this statement [here](privacy-policy.md). We may change how we announce changes in future versions of this document. In the meantime we may update our contact information at any time without announcing a change. Please refer to the [Privacy Policy](privacy-policy.md) for the latest contact information at any time.
A full revision [history](https://github.com/privacyguides/privacyguides.org/commits/main/docs/about/privacy-policy.md) of this page can be found on GitHub.
--8<-- "includes/abbreviations.pt-BR.txt"

2
i18n/pt-BR/about/privacytools.md
View File

@@ -116,5 +116,3 @@ This topic has been discussed extensively within our communities in various loca
- [Apr 2, 2022 response by u/dng99 to PrivacyTools' accusatory blog post](https://www.reddit.com/comments/tuo7mm/comment/i35kw5a/)
- [May 16, 2022 response by @TommyTran732 on Twitter](https://twitter.com/TommyTran732/status/1526153497984618496)
- [Sep 3, 2022 post on Techlore's forum by @dngray](https://discuss.techlore.tech/t/has-anyone-seen-this-video-wondering-your-thoughts/792/20)
--8<-- "includes/abbreviations.pt-BR.txt"

2
i18n/pt-BR/about/services.md
View File

@@ -36,5 +36,3 @@ We run a number of web services to test out features and promote cool decentrali
- Disponibilidade: Semi-Público
Hospedamos o Invidious principalmente para veicular vídeos incorporados do YouTube em nosso site, esta instância não se destina ao uso geral e pode ser limitada a qualquer momento.
- Fonte: [github.com/iv-org/invidious](https://github.com/iv-org/invidious)
--8<-- "includes/abbreviations.pt-BR.txt"

2
i18n/pt-BR/about/statistics.md
View File

@@ -59,5 +59,3 @@ title: Traffic Statistics
})
})
</script>
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/advanced/communication-network-types.md
View File

@@ -1,6 +1,7 @@
---
title: "Tipos de redes de comunicação"
icon: 'material/transit-connection-variant'
description: An overview of several network architectures commonly used by instant messaging applications.
---
Existem várias arquiteturas de rede comumente usadas para retransmitir mensagens entre pessoas. Essas redes podem fornecer diferentes garantias de privacidade, e é por isso que vale a pena considerar seu [modelo de ameaça](../basics/threat-modeling.md) ao decidir qual aplicativo usar.
@@ -100,5 +101,3 @@ A auto-hospedagem de um nó em uma rede de roteamento anônimo não fornece ao h
- Menos confiável se os nós são selecionados por roteamento randomizado, alguns nós podem estar muito longe do remetente e do receptor, adicionando latência ou mesmo não transmitindo mensagens se um dos nós ficar offline.
- Mais complexo para começar, pois é necessária a criação e o backup seguro de uma chave privada criptográfica.
- Assim como outras plataformas descentralizadas, adicionar recursos é mais complexo para os desenvolvedores do que em uma plataforma centralizada. Assim, os recursos podem estar faltando ou incompletamente implementados, como retransmissão de mensagens offline ou exclusão de mensagens.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/advanced/dns-overview.md
View File

@@ -1,6 +1,7 @@
---
title: "Introdução ao DNS"
icon: material/dns
description: The Domain Name System is the "phonebook of the internet," helping your browser find the website it's looking for.
---
The [Domain Name System](https://en.wikipedia.org/wiki/Domain_Name_System) is the 'phonebook of the Internet'. DNS translates domain names to IP addresses so browsers and other services can load Internet resources, through a decentralized network of servers.
@@ -303,5 +304,3 @@ The [EDNS Client Subnet](https://en.wikipedia.org/wiki/EDNS_Client_Subnet) is a
It's intended to "speed up" delivery of data by giving the client an answer that belongs to a server that is close to them such as a [content delivery network](https://en.wikipedia.org/wiki/Content_delivery_network), which are often used in video streaming and serving JavaScript web apps.
This feature does come at a privacy cost, as it tells the DNS server some information about the client's location.
--8<-- "includes/abbreviations.pt-BR.txt"

85
i18n/pt-BR/advanced/payments.md Normal file
View File

@@ -0,0 +1,85 @@
---
title: Private Payments
icon: material/hand-coin
---
There's a reason data about your buying habits is considered the holy grail of ad targeting: your purchases can leak a veritable treasure trove of data about you. Unfortunately, the current financial system is anti-privacy by design, enabling banks, other companies, and governments to easily trace transactions. Nevertheless, you have plenty of options when it comes to making payments privately.
## Cash
For centuries, **cash** has functioned as the primary form of private payment. Cash has excellent privacy properties in most cases, is widely accepted in most countries, and is **fungible**, meaning it is non-unique and completely interchangable.
Cash payment laws vary by country. In the United States, special disclosure is required for cash payments over $10,000 to the IRS on [Form 8300](https://www.irs.gov/businesses/small-businesses-self-employed/form-8300-and-reporting-cash-payments-of-over-10000). The receiving business is required to ID verify the payees name, address, occupation, date of birth, and Social Security Number or other TIN (with some exceptions). Lower limits without ID such as $3,000 or less exist for exchanges and money transmission. Cash also contains serial numbers. These are almost never tracked by merchants, but they can be used by law enforcement in targeted investigations.
Despite this, its typically the best option.
## Prepaid Cards & Gift Cards
Its relatively simple to purchase gift cards and prepaid cards at most grocery stores and convenience stores with cash. Gift cards usually dont have a fee, though prepaid cards often do, so pay close attention to these fees and expiry dates. Some stores may ask to see your ID at checkout to reduce fraud.
Gift cards usually have limits of up to $200 per card, but some offer limits of up to $2,000 per card. Prepaid cards (eg: from Visa or Mastercard) usually have limits of up to $1,000 per card.
Gift cards have the downside of being subject to merchant policies, which can have terrible terms and restrictions. For example, some merchants dont accept payment in gift cards exclusively, or they may cancel the value of the card if they consider you to be a high-risk user. Once you have merchant credit, the merchant has a strong degree of control over this credit.
Prepaid cards dont allow cash withdrawals from ATMs or “peer-to-peer” payments in Venmo and similar apps.
Cash remains the best option for in-person purchases for most people. Gift cards can be useful for the savings they bring. Prepaid cards can be useful for places that dont accept cash. Gift cards and prepaid cards are easier to use online than cash, and they are easier to acquire with cryptocurrencies than cash.
### Online Marketplaces
If you have [cryptocurrency](../cryptocurrency.md), you can purchase gift cards with an online gift card marketplace. Some of these services offer ID verification options for higher limits, but they also allow accounts with just an email address. Basic limits start at $5,000-10,000 a day for basic accounts, and significantly higher limits for ID verified accounts (if offered).
When buying gift cards online, there is usually a slight discount. Prepaid cards are usually sold online at face value or with a fee. If you buy prepaid cards and gift cards with cryptocurrencies, you should strongly prefer to pay with Monero which provides strong privacy, more on this below. Paying for a gift card with a traceable payment method negates the benefits a gift card can provide when purchased with cash or Monero.
- [Online Gift Card Marketplaces :material-arrow-right-drop-circle:](../financial-services.md#gift-card-marketplaces)
## Virtual Cards
Another way to protect your information from merchants online is to use virtual, single-use cards which mask your actual banking or billing information. This is primarily useful for protecting you from merchant data breaches, less sophisticated tracking or purchase correlation by marketing agencies, and online data theft. They do **not** assist you in making a purchase completely anonymously, nor do they hide any information from the banking institution themselves. Regular financial institutions which offer virtual cards are subject to "Know Your Customer" (KYC) laws, meaning they may require your ID or other identifying information.
- [Recommended Payment Masking Services :material-arrow-right-drop-circle:](../financial-services.md#payment-masking-services)
These tend to be good options for recurring/subscription payments online, while prepaid gift cards are preferred for one-time transactions.
## Criptomoedas
Cryptocurrencies are a digital form of currency designed to work without central authorities such as a government or bank. While *some* cryptocurrency projects can allow you to make private transactions online, many use a public blockchain which does not provide any transaction privacy. Cryptocurrencies also tend to be very volatile assets, meaning their value can change rapidly and significantly at any time. As such, we generally don't recommend using cryptocurrency as a long-term store of value. If you decide to use cryptocurrency online, make sure you have a full understanding of its privacy aspects beforehand, and only invest amounts which would not be disastrous to lose.
!!! aviso
Você **nunca** deve instalar quaisquer extensões adicionais no Tor Browser, incluindo as que sugerimos para o Firefox.
The vast majority of cryptocurrencies operate on a **public** blockchain, meaning that every transaction is public knowledge. This includes even most well-known cryptocurrencies like Bitcoin and Ethereum. Transactions with these cryptocurrencies should not be considered private and will not protect your anonymity.
Additionally, many if not most cryptocurrencies are scams. Make transactions carefully with only projects you trust.
### Privacy Coins
There are a number of cryptocurrency projects which purport to provide privacy by making transactions anonymous. We recommend using one which provides transaction anonymity **by default** to avoid operational errors.
- [Recommended Cryptocurrency :material-arrow-right-drop-circle:](../cryptocurrency.md#coins)
Privacy coins have been subject to increasing scrutiny by government agencies. In 2020, [the IRS published a $625,000 bounty](https://www.forbes.com/sites/kellyphillipserb/2020/09/14/irs-will-pay-up-to-625000-if-you-can-crack-monero-other-privacy-coins/?sh=2e9808a085cc) for tools which can break Bitcoin Lightning Network and/or Monero's transaction privacy. They ultimately [paid two companies](https://sam.gov/opp/5ab94eae1a8d422e88945b64181c6018/view) (Chainalysis and Integra Fec) a combined $1.25 million for tools which purport to do so (it is unknown which cryptocurrency network these tools target). Due to the secrecy surrounding tools like these, ==none of these methods of tracing cryptocurrencies have been independently confirmed.== However, it is quite likely that tools which assist targeted investigations into private coin transactions exist, and that privacy coins only succeed in thwarting mass surveillance.
### Other Coins (Bitcoin, Ethereum, etc.)
The vast majority of cryptocurrency projects use a public blockchain, meaning that all transactions are both easily traceable and permanent. As such, we strongly discourage the use of most cryptocurrency for privacy-related reasons.
Anonymous transactions on a public blockchain are *theoretically* possible, and the Bitcoin wiki [gives one example of a "completely anonymous" transaction](https://en.bitcoin.it/wiki/Privacy#Example_-_A_perfectly_private_donation). However, doing so requires a complicated setup involving Tor and "solo-mining" a block to generate completely independent cryptocurrency, a practice which has not been practical for nearly any enthusiast for many years.
==Your best option is to avoid these cryptocurrencies entirely and stick with one which provides privacy by default.== Attempting to use other cryptocurrency is outside the scope of this site and strongly discouraged.
### Wallet Custody
With cryptocurrency there are two forms of wallets: custodial wallets and noncustodial wallets. Custodial wallets are operated by centralized companies/exchanges, where the private key for your wallet is held by that company, and you can access them anywhere typically with a regular username and password. Noncustodial wallets are wallets where you control and manage the private keys to access it. Assuming you keep your wallet's private keys secured and backed up, noncustodial wallets provide greater security and censorship-resistance over custodial wallets, because your cryptocurrency can't be stolen or frozen by a company with custody over your private keys. Key custody is especially important when it comes to privacy coins: Custodial wallets grant the operating company the ability to view your transactions, negating the privacy benefits of those cryptocurrencies.
### Acquisition
Acquiring [cryptocurrencies](../cryptocurrency.md) like Monero privately can be difficult. P2P marketplaces like [LocalMonero](https://localmonero.co/), a platform which facilitates trades between people, are one option that can be used. If using an exchange which requires KYC is an acceptable risk for you as long as subsequent transactions can't be traced, a much easier option is to purchase Monero on an exchange like [Kraken](https://kraken.com/), or purchase Bitcoin/Litecoin from a KYC exchange which can then be swapped for Monero. Then, you can withdraw the purchased Monero to your own noncustodial wallet to use privately from that point forward.
If you go this route, make sure to purchase Monero at different times and in different amounts than where you will spend it. If you purchase $5000 of Monero at an exchange and make a $5000 purchase in Monero an hour later, those actions could potentially be correlated by an outside observer regardless of which path the Monero took. Staggering purchases and purchasing larger amounts of Monero in advance to later spend on multiple smaller transactions can avoid this pitfall.
## Additional Considerations
When you're making a payment in-person with cash, make sure to keep your in-person privacy in mind. Security cameras are ubiquitous. Consider wearing non-distinct clothing and a face mask (such as a surgical mask or N95). Dont sign up for rewards programs or provide any other information about yourself.
When purchasing online, ideally you should do so over [Tor](tor-overview.md). However, many merchants dont allow purchases with Tor. You can consider using a [recommended VPN](../vpn.md) (paid for with cash, gift card, or Monero), or making the purchase from a coffee shop or library with free Wi-Fi. If you are ordering a physical item that needs to be delivered, you will need to provide a delivery address. You should consider using a PO box, private mailbox, or work address.

3
i18n/pt-BR/advanced/tor-overview.md
View File

@@ -1,6 +1,7 @@
---
title: "Tor Overview"
icon: 'simple/torproject'
description: Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible.
---
Tor is a free to use, decentralized network designed for using the internet with as much privacy as possible. If used properly, the network enables private and anonymous browsing and communications.
@@ -74,8 +75,6 @@ If you wish to use Tor for browsing the web, we only recommend the **official**
- [Como funciona o Tor - Computerphile](https://invidious.privacyguides.net/embed/QRYzre4bf7I?local=true) <small>(YouTube)</small>
- [Serviços Tor Onion - Computerphile](https://invidious.privacyguides.net/embed/lVcbq_a5N9I?local=true) <small>(YouTube)</small>
--8<-- "includes/abbreviations.pt-BR.txt"
[^1]: The first relay in your circuit is called an "entry guard" or "guard". It is a fast and stable relay that remains the first one in your circuit for 2-3 months in order to protect against a known anonymity-breaking attack. The rest of your circuit changes with every new website you visit, and all together these relays provide the full privacy protections of Tor. For more information on how guard relays work, see this [blog post](https://blog.torproject.org/improving-tors-anonymity-changing-guard-parameters) and [paper](https://www-users.cs.umn.edu/~hoppernj/single_guard.pdf) on entry guards. ([https://support.torproject.org/tbb/tbb-2/](https://support.torproject.org/tbb/tbb-2/))
[^2]: Relay flag: a special (dis-)qualification of relays for circuit positions (for example, "Guard", "Exit", "BadExit"), circuit properties (for example, "Fast", "Stable"), or roles (for example, "Authority", "HSDir"), as assigned by the directory authorities and further defined in the directory protocol specification. ([https://metrics.torproject.org/glossary.html](https://metrics.torproject.org/glossary.html))

30
i18n/pt-BR/android.md
View File

@@ -1,6 +1,7 @@
---
title: "Android"
icon: 'simple/android'
description: You can replace the operating system on your Android phone with these secure and privacy-respecting alternatives.
---
![Android logo](assets/img/android/android.svg){ align=right }
@@ -13,20 +14,21 @@ O **Android Open Source Project** é um sistema operacional de código aberto li
Estes são os sistemas operacionais, dispositivos e aplicações Android que recomendamos para maximizar a segurança e privacidade do seu dispositivo móvel. Para saber mais sobre o Android:
- [Visão geral do Android :material-arrow-right-drop-circle:](os/android-overview.md)
- [Por que recomendamos o GrapheneOS em vez do CalyxOS :material-arrow-right-drop-circle:](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/)
[Visão Geral do Android :material-arrow-right-drop-circle:](os/android-overview.md ""){.md-button}
[Por que recomendamos o GrapheneOS em vez do CalyxOS :material-arrow-right-drop-circle:](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/ ""){.md-button}
## Derivados do AOSP
Recomendamos instalar um desses sistemas operacionais Android personalizados em seu dispositivo, listados em ordem de preferência, dependendo da compatibilidade do seu dispositivo com esses sistemas operacionais.
!!! note
!!! nota
Os dispositivos em fim de vida útil (como os dispositivos GrapheneOS ou "suporte estendido" da CalyxOS) não possuem patches de segurança completos (atualizações de firmware) devido à interrupção do suporte do OEM. Estes dispositivos não podem ser considerados completamente seguros, independentemente do software instalado.
### GrapheneOS
!!! recommendation
!!! recomendação
![GrapheneOS logo](assets/img/android/grapheneos.svg#only-light){ align=right }
![GrapheneOS logo](assets/img/android/grapheneos-dark.svg#only-dark){ align=right }
@@ -41,13 +43,13 @@ Recomendamos instalar um desses sistemas operacionais Android personalizados em
[:octicons-code-16:](https://grapheneos.org/source){ .card-link title="Source Code" }
[:octicons-heart-16:](https://grapheneos.org/donate){ .card-link title=Contribute }
GrapheneOS supports [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), which runs [Google Play Services](https://en.wikipedia.org/wiki/Google_Play_Services) fully sandboxed like any other regular app. This means you can take advantage of most Google Play Services, such as [push notifications](https://firebase.google.com/docs/cloud-messaging/), while giving you full control over their permissions and access, and while containing them to a specific [work profile](os/android-overview.md#work-profile) or [user profile](os/android-overview.md#user-profiles) of your choice.
GrapheneOS supports [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), which runs [Google Play Services](https://en.wikipedia.org/wiki/Google_Play_Services) fully sandboxed like any other regular app. Isso significa que você pode tirar proveito da maioria dos Google Play Services, como [notificações push](https://firebase.google.com/docs/cloud-messaging/), enquanto lhe dá controle total sobre suas permissões e acesso, e ao mesmo tempo contê-los para um perfil de trabalho [específico](os/android-overview.md#work-profile) ou [perfil de usuário](os/android-overview.md#user-profiles) de sua escolha.
Google Pixel phones are the only devices that currently meet GrapheneOS's [hardware security requirements](https://grapheneos.org/faq#device-support).
Os telefones Google Pixel são os únicos dispositivos que atualmente atendem aos [requisitos de segurança de hardware do GrapheneOS](https://grapheneos.org/faq#device-support).
### DivestOS
!!! recommendation
!!! recomendação
![DivestOS logo](assets/img/android/divestos.svg){ align=right }
@@ -63,11 +65,11 @@ Google Pixel phones are the only devices that currently meet GrapheneOS's [hardw
DivestOS has automated kernel vulnerability ([CVE](https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures)) [patching](https://gitlab.com/divested-mobile/cve_checker), fewer proprietary blobs, and a custom [hosts](https://divested.dev/index.php?page=dnsbl) file. Its hardened WebView, [Mulch](https://gitlab.com/divested-mobile/mulch), enables [CFI](https://en.wikipedia.org/wiki/Control-flow_integrity) for all architectures and [network state partitioning](https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning), and receives out-of-band updates. DivestOS also includes kernel patches from GrapheneOS and enables all available kernel security features via [defconfig hardening](https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L758). All kernels newer than version 3.4 include full page [sanitization](https://lwn.net/Articles/334747/) and all ~22 Clang-compiled kernels have [`-ftrivial-auto-var-init=zero`](https://reviews.llvm.org/D54604?id=174471) enabled.
DivestOS implements some system hardening patches originally developed for GrapheneOS. DivestOS 16.0 and higher implements GrapheneOS's [`INTERNET`](https://developer.android.com/training/basics/network-ops/connecting) and SENSORS permission toggle, [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc), [exec-spawning](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/#additional-hardening), [JNI](https://en.wikipedia.org/wiki/Java_Native_Interface) [constification](https://en.wikipedia.org/wiki/Const_(computer_programming)), and partial [bionic](https://en.wikipedia.org/wiki/Bionic_(software)) hardening patchsets. 17.1 and higher features GrapheneOS's per-network full [MAC randomization](https://en.wikipedia.org/wiki/MAC_address#Randomization) option, [`ptrace_scope`](https://www.kernel.org/doc/html/latest/admin-guide/LSM/Yama.html) control, and automatic reboot/Wi-Fi/Bluetooth [timeout options](https://grapheneos.org/features).
O DivestOS implementa alguns patches de fortalecimento desenvolvidos originalmente para o GrapheneOS. DivestOS 16.0 and higher implements GrapheneOS's [`INTERNET`](https://developer.android.com/training/basics/network-ops/connecting) and SENSORS permission toggle, [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc), [exec-spawning](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/#additional-hardening), [JNI](https://en.wikipedia.org/wiki/Java_Native_Interface) [constification](https://en.wikipedia.org/wiki/Const_(computer_programming)), and partial [bionic](https://en.wikipedia.org/wiki/Bionic_(software)) hardening patchsets. 17.1 e superior apresenta a opção de [ randomização do MAC](https://en.wikipedia.org/wiki/MAC_address#Randomization) completa por rede do GrapheneOS, controle [`ptrace_scope`](https://www.kernel.org/doc/html/latest/admin-guide/LSM/Yama.html) e [opções de tempo limite](https://grapheneos.org/features) de reinicialização automática/Wi-Fi/Bluetooth.
DivestOS uses F-Droid as its default app store. Normally, we would recommend avoiding F-Droid due to its numerous [security issues](#f-droid). However, doing so on DivestOS isn't viable; the developers update their apps via their own F-Droid repositories ([DivestOS Official](https://divestos.org/fdroid/official/?fingerprint=E4BE8D6ABFA4D9D4FEEF03CDDA7FF62A73FD64B75566F6DD4E5E577550BE8467) and [DivestOS WebView](https://divestos.org/fdroid/webview/?fingerprint=FB426DA1750A53D7724C8A582B4D34174E64A84B38940E5D5A802E1DFF9A40D2)). We recommend disabling the official F-Droid app and using [Neo Store](https://github.com/NeoApplications/Neo-Store/) with the DivestOS repositories enabled to keep those components up to date. For other apps, our recommended methods of obtaining them still apply.
!!! warning
!!! aviso
DivestOS firmware update [status](https://gitlab.com/divested-mobile/firmware-empty/-/blob/master/STATUS) and quality control varies across the devices it supports. We still recommend GrapheneOS depending on your device's compatibility. For other devices, DivestOS is a good alternative.
@@ -75,7 +77,7 @@ DivestOS uses F-Droid as its default app store. Normally, we would recommend avo
## Android Devices
When purchasing a device, we recommend getting one as new as possible. The software and firmware of mobile devices are only supported for a limited time, so buying new extends that lifespan as much as possible.
Ao adquirir um dispositivo, recomendamos que o adquira o mais novo possível. The software and firmware of mobile devices are only supported for a limited time, so buying new extends that lifespan as much as possible.
Avoid buying phones from mobile network operators. These often have a **locked bootloader** and do not support [OEM unlocking](https://source.android.com/devices/bootloader/locking_unlocking). These phone variants will prevent you from installing any kind of alternative Android distribution.
@@ -310,9 +312,9 @@ If you download APK files to install manually, you can verify their signature wi
Due to their process of building apps, apps in the official F-Droid repository often fall behind on updates. F-Droid maintainers also reuse package IDs while signing apps with their own keys, which is not ideal as it gives the F-Droid team ultimate trust.
Other popular third-party repositories such as [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) alleviate some of these concerns. The IzzyOnDroid repository pulls builds directly from GitHub and is the next best thing to the developers' own repositories. No entanto, não é algo que podemos recomendar, já que normalmente os aplicativos são [removidos](https://github.com/vfsfitvnm/ViMusic/issues/240#issuecomment-1225564446) desse repositório quando vão para o repositório oficial do F-Droid. While that makes sense (since the goal of that particular repository is to host apps before they're accepted into the main F-Droid repository), it can leave you with installed apps which no longer receive updates.
Other popular third-party repositories such as [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) alleviate some of these concerns. The IzzyOnDroid repository pulls builds directly from GitHub and is the next best thing to the developers' own repositories. However, it is not something that we can recommend, as apps are typically [removed](https://github.com/vfsfitvnm/ViMusic/issues/240#issuecomment-1225564446) from that respository when they make it to the main F-Droid repository. While that makes sense (since the goal of that particular repository is to host apps before they're accepted into the main F-Droid repository), it can leave you with installed apps which no longer receive updates.
Com isso em mente, os repositórios do [F-Droid](https://f-droid.org/en/packages/) e [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) hospedam milhares de projetos, então eles podem ser boas ferramentas para pesquisar e descobrir aplicativos open-source que você pode, então, obter pela Play Store, Aurora Store ou baixando o APK disponibilizado pelo desenvolvedor. It is important to keep in mind that some apps in these repositories have not been updated in years and may rely on unsupported libraries, among other things, posing a potential security risk. You should use your best judgement when looking for new apps via this method.
That said, the [F-Droid](https://f-droid.org/en/packages/) and [IzzyOnDroid](https://apt.izzysoft.de/fdroid/) repositories are home to countless apps, so they can be a useful tool to search for and discover open-source apps that you can then download through Play Store, Aurora Store, or by getting the APK directly from the developer. It is important to keep in mind that some apps in these repositories have not been updated in years and may rely on unsupported libraries, among other things, posing a potential security risk. You should use your best judgement when looking for new apps via this method.
!!! note
@@ -337,7 +339,7 @@ Com isso em mente, os repositórios do [F-Droid](https://f-droid.org/en/packages
- Must **not** enable Google Play Services by default.
- Must **not** require system modification to support Google Play Services.
### Devices
### Dispositivos
- Must support at least one of our recommended custom operating systems.
- Must be currently sold new in stores.
@@ -349,5 +351,3 @@ Com isso em mente, os repositórios do [F-Droid](https://f-droid.org/en/packages
- Applications on this page must not be applicable to any other software category on the site.
- General applications should extend or replace core system functionality.
- Applications should receive regular updates and maintenance.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/basics/account-creation.md
View File

@@ -1,6 +1,7 @@
---
title: "Account Creation"
icon: 'material/account-plus'
description: Creating accounts online is practically an internet necessity, take these steps to make sure you stay private.
---
Often people sign up for services without thinking. Maybe it's a streaming service so you can watch that new show everyone's talking about, or an account that gives you a discount for your favorite fast food place. Whatever the case may be, you should consider the implications for your data now and later on down the line.
@@ -78,5 +79,3 @@ In many cases you will need to provide a number that you can receive SMS or call
### Username and password
Some services allow you to register without using an email address and only require you to set a username and password. These services may provide increased anonymity when combined with a VPN or Tor. Keep in mind that for these accounts there will most likely be **no way to recover your account** in the event you forget your username or password.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/basics/account-deletion.md
View File

@@ -1,6 +1,7 @@
---
title: "Exclusão de Conta"
icon: 'material/account-remove'
description: It's easy to accumulate a large number of internet accounts, here are some tips on how to prune your collection.
---
Com o tempo, pode ser fácil acumular várias contas online, muitas das quais você pode não mais usar. Excluir essas contas não utilizadas é um passo importante para recuperar sua privacidade, pois contas inativas são vulneráveis a violações de dados. A data breach is when a service's security is compromised and protected information is viewed, transmitted, or stolen by unauthorized actors. Data breaches are unfortunately all [too common](https://haveibeenpwned.com/PwnedWebsites) these days, and so practicing good digital hygiene is the best way to minimize the impact they have on your life. The goal of this guide then is to help navigate you through the irksome process of account deletion, often made difficult by [deceptive design](https://www.deceptive.design/), for the betterment of your online presence.
@@ -59,5 +60,3 @@ Even when you are able to delete an account, there is no guarantee that all your
## Evite Novas Contas
As the old saying goes, "an ounce of prevention is worth a pound of cure." Whenever you feel tempted to sign up for a new account, ask yourself, "Do I really need this? Can I accomplish what I need to without an account?" It can often be much harder to delete an account than to create one. And even after deleting or changing the info on your account, there might be a cached version from a third-party—like the [Internet Archive](https://archive.org/). Avoid the temptation when you're able to—your future self will thank you!
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/basics/common-misconceptions.md
View File

@@ -1,6 +1,7 @@
---
title: "Equívocos Comuns"
icon: 'material/robot-confused'
description: Privacy isn't a straightforward topic, and it's easy to get caught up in marketing claims and other disinformation.
---
## "Software de código aberto é sempre seguro" ou "Software proprietário é mais seguro"
@@ -56,6 +57,4 @@ One of the clearest threat models is one where people *know who you are* and one
Using Tor can help with this. It is also worth noting that greater anonymity is possible through asynchronous communication: Real-time communication is vulnerable to analysis of typing patterns (i.e. more than a paragraph of text, distributed on a forum, via email, etc.)
--8<-- "includes/abbreviations.pt-BR.txt"
[^1]: One notable example of this is the [2021 incident in which University of Minnesota researchers introduced three vulnerabilities into the Linux kernel development project](https://cse.umn.edu/cs/linux-incident).

3
i18n/pt-BR/basics/common-threats.md
View File

@@ -1,6 +1,7 @@
---
title: "Ameaças Comuns"
icon: 'material/eye-outline'
description: Your threat model is personal to you, but these are some of the things many visitors to this site care about.
---
Broadly speaking, we categorize our recommendations into the [threats](threat-modeling.md) or goals that apply to most people. ==You may be concerned with none, one, a few, or all of these possibilities==, and the tools and services you use depend on what your goals are. You may have specific threats outside of these categories as well, which is perfectly fine! The important part is developing an understanding of the benefits and shortcomings of the tools you choose to use, because virtually none of them will protect you from every threat.
@@ -140,8 +141,6 @@ People concerned with the threat of censorship can use technologies like [Tor](.
You must always consider the risks of trying to bypass censorship, the potential consequences, and how sophisticated your adversary may be. You should be cautious with your software selection, and have a backup plan in case you are caught.
--8<-- "includes/abbreviations.pt-BR.txt"
[^1]: Wikipedia: [*Mass Surveillance*](https://en.wikipedia.org/wiki/Mass_surveillance) and [*Surveillance*](https://en.wikipedia.org/wiki/Surveillance).
[^2]: United States Privacy and Civil Liberties Oversight Board: [*Report on the Telephone Records Program Conducted under Section 215*](https://documents.pclob.gov/prod/Documents/OversightReport/ec542143-1079-424a-84b3-acc354698560/215-Report_on_the_Telephone_Records_Program.pdf)
[^3]: Wikipedia: [*Surveillance capitalism*](https://en.wikipedia.org/wiki/Surveillance_capitalism)

3
i18n/pt-BR/basics/email-security.md
View File

@@ -1,6 +1,7 @@
---
title: Segurança de Email
icon: material/email
description: Email is inherently insecure in many ways, and these are some of the reasons it isn't our top choice for secure communications.
---
Email is an insecure form of communication by default. You can improve your email security with tools such as OpenPGP, which add End-to-End Encryption to your messages, but OpenPGP still has a number of drawbacks compared to encryption in other messaging applications, and some email data can never be encrypted inherently due to how email is designed.
@@ -38,5 +39,3 @@ Email metadata is protected from outside observers with [Opportunistic TLS](http
### Por Que os Metadados Não Podem Ser E2EE?
Email metadata is crucial to the most basic functionality of email (where it came from, and where it has to go). E2EE was not built into the email protocols originally, instead requiring add-on software like OpenPGP. Because OpenPGP messages still have to work with traditional email providers, it cannot encrypt email metadata, only the message body itself. That means that even when using OpenPGP, outside observers can see lots of information about your messages, such as who you're emailing, the subject lines, when you're emailing, etc.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/basics/multi-factor-authentication.md
View File

@@ -1,6 +1,7 @@
---
title: "Autenticação de Múltiplos Fatores"
icon: 'material/two-factor-authentication'
description: MFA is a critical security mechanism for securing your online accounts, but some methods are stronger than others.
---
**Multi-Factor Authentication** (**MFA**) is a security mechanism that requires additional steps beyond entering your username (or email) and password. The most common method is time limited codes you might receive from SMS or an app.
@@ -162,5 +163,3 @@ SSH MFA can also be set up using TOTP. DigitalOcean has provided a tutorial [How
### KeePass (and KeePassXC)
KeePass and KeePassXC databases can be secured using Challenge-Response or HOTP as a second-factor authentication. Yubico has provided a document for KeePass [Using Your YubiKey with KeePass](https://support.yubico.com/hc/en-us/articles/360013779759-Using-Your-YubiKey-with-KeePass) and there is also one on the [KeePassXC](https://keepassxc.org/docs/#faq-yubikey-2fa) website.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/basics/passwords-overview.md
View File

@@ -1,6 +1,7 @@
---
title: "Introduction to Passwords"
icon: 'material/form-textbox-password'
description: These are some tips and tricks on how to create the strongest passwords and keep your accounts secure.
---
Passwords are an essential part of our everyday digital lives. We use them to protect our accounts, our devices and our secrets. Despite often being the only thing between us and an adversary who's after our private information, not a lot of thought is put into them, which often leads to people using passwords that can be easily guessed or brute-forced.
@@ -108,5 +109,3 @@ There are many good options to choose from, both cloud-based and local. Choose o
### Backups
You should store an [encrypted](../encryption.md) backup of your passwords on multiple storage devices or a cloud storage provider. This can help you access your passwords if something happens to your primary device or the service you are using.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/basics/threat-modeling.md
View File

@@ -1,6 +1,7 @@
---
title: "Modelagem de Ameaças"
icon: 'material/target-account'
description: Balancing security, privacy, and usability is one of the first and most difficult tasks you'll face on your privacy journey.
---
Balancing security, privacy, and usability is one of the first and most difficult tasks you'll face on your privacy journey. Everything is a trade-off: The more secure something is, the more restricting or inconvenient it generally is, etc. Often, people find that the problem with the tools they see recommended is that they're just too hard to start using!
@@ -107,5 +108,3 @@ For people looking to increase their privacy and security online, we've compiled
## Fontes
- [EFF Surveillance Self Defense: Your Security Plan](https://ssd.eff.org/en/module/your-security-plan)
--8<-- "includes/abbreviations.pt-BR.txt"

11
i18n/pt-BR/basics/vpn-overview.md
View File

@@ -1,11 +1,12 @@
---
title: VPN Overview
icon: material/vpn
description: Virtual Private Networks shift risk away from your ISP to a third-party you trust. You should keep these things in mind.
---
Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world. An ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem).
Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns).
A VPN can help as it can shift trust to a server somewhere else in the world. As a result, the ISP then only sees that you are connected to a VPN and nothing about the activity that you're passing into it.
@@ -17,7 +18,7 @@ VPNs cannot encrypt data outside of the connection between your device and the V
However, they do hide your actual IP from a third-party service, provided that there are no IP leaks. They help you blend in with others and mitigate IP based tracking.
## When shouldn't I use a VPN?
## Quando não deveria usar uma VPN?
Using a VPN in cases where you're using your [known identity](common-threats.md#common-misconceptions) is unlikely be useful.
@@ -43,11 +44,11 @@ By using a VPN with Tor, you're creating essentially a permanent entry node, oft
## E se eu precisar de anonimato?
VPNs cannot provide anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) instead.
As VPNs não podem fornecer anonimato. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data. Use [Tor](https://www.torproject.org/) em vez disso.
## E os provedores de VPN que fornecem nós Tor?
Do not use that feature. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
Não use esse recurso. The point of using Tor is that you do not trust your VPN provider. Currently Tor only supports the [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) protocol. [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) (used in [WebRTC](https://en.wikipedia.org/wiki/WebRTC) for voice and video sharing, the new [HTTP3/QUIC](https://en.wikipedia.org/wiki/HTTP/3) protocol, etc), [ICMP](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) and other packets will be dropped. To compensate for this, VPN providers typically will route all non-TCP packets through their VPN server (your first hop). This is the case with [ProtonVPN](https://protonvpn.com/support/tor-vpn/). Additionally, when using this Tor over VPN setup, you do not have control over other important Tor features such as [Isolated Destination Address](https://www.whonix.org/wiki/Stream_Isolation) (using a different Tor circuit for every domain you visit).
The feature should be viewed as a convenient way to access the Tor Network, not to stay anonymous. For proper anonymity, use the Tor Browser, TorSocks, or a Tor gateway.
@@ -74,5 +75,3 @@ For situations like these, or if you have another compelling reason, the VPN pro
- [Free VPN App Investigation](https://www.top10vpn.com/free-vpn-app-investigation/)
- [Hidden VPN owners unveiled: 101 VPN products run by just 23 companies](https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/)
- [This Chinese company is secretly behind 24 popular apps seeking dangerous permissions](https://vpnpro.com/blog/chinese-company-secretly-behind-popular-apps-seeking-dangerous-permissions/)
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/calendar.md
View File

@@ -1,6 +1,7 @@
---
title: "Calendar Sync"
icon: material/calendar
description: Calendars contain some of your most sensitive data; use products that implement encryption at rest.
---
Calendars contain some of your most sensitive data; use products that implement E2EE at rest to prevent a provider from reading them.
@@ -67,5 +68,3 @@ Calendars contain some of your most sensitive data; use products that implement
Our best-case criteria represents what we would like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page.
- Should integrate with native OS calendar and contact management apps if applicable.
--8<-- "includes/abbreviations.pt-BR.txt"

4
i18n/pt-BR/cloud.md
View File

@@ -1,6 +1,7 @@
---
title: "Cloud Storage"
icon: material/file-cloud
description: Many cloud storage providers require your trust that they will not look at your files. These are private alternatives!
---
Many cloud storage providers require your full trust that they will not look at your files. The alternatives listed below eliminate the need for trust by either putting you in control of your data or by implementing E2EE.
@@ -29,7 +30,6 @@ If these alternatives do not fit your needs, we suggest you look into [Encryptio
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=me.proton.android.drive)
- [:simple-appstore: App Store](https://apps.apple.com/app/id1509667851)
Proton Drive's mobile clients were released in December 2022 and are not yet open-source. Proton has historically delayed their source code releases until after initial product releases, and [plans to](https://www.reddit.com/r/ProtonDrive/comments/zf14i8/comment/izdwmme/?utm_source=share&utm_medium=web2x&context=3) release the source code by the end of 2023. Proton Drive desktop clients are still in development.
## Criteria
@@ -58,5 +58,3 @@ Our best-case criteria represents what we would like to see from the perfect pro
- These clients should integrate with native OS tools for cloud storage providers, such as Files app integration on iOS, or DocumentsProvider functionality on Android.
- Should support easy file-sharing with other users.
- Should offer at least basic file preview and editing functionality on the web interface.
--8<-- "includes/abbreviations.pt-BR.txt"

54
i18n/pt-BR/cryptocurrency.md Normal file
View File

@@ -0,0 +1,54 @@
---
title: Criptomoedas
icon: material/bank-circle
---
Making payments online is one of the biggest challenges to privacy. These cryptocurrencies provide transaction privacy by default (something which is **not** guaranteed by the majority of cryptocurrencies), provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
!!! aviso
Você **nunca** deve instalar quaisquer extensões adicionais no Tor Browser, incluindo as que sugerimos para o Firefox.
Many if not most cryptocurrency projects are scams. Make transactions carefully with only projects you trust.
## Monero
!!! recommendation
![Monero logo](assets/img/cryptocurrency/monero.svg){ align=right }
**Monero** uses a blockchain with privacy-enhancing technologies that obfuscate transactions to achieve anonymity. Every Monero transaction hides the transaction amount, sending and receiving addresses, and source of funds without any hoops to jump through, making it an ideal choice for cryptocurrency novices.
[:octicons-home-16: Homepage](https://www.getmonero.org/){ .md-button .md-button--primary }
[:octicons-info-16:](https://www.getmonero.org/resources/user-guides/){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/monero-project/monero){ .card-link title="Source Code" }
[:octicons-heart-16:](https://www.getmonero.org/get-started/contributing/){ .card-link title=Contribute }
With Monero, outside observers cannot decipher addresses trading Monero, transaction amounts, address balances, or transaction histories.
For optimal privacy, make sure to use a noncustodial wallet where the view key stays on the device. This means that only you will have the ability to spend your funds and see incoming and outgoing transactions. If you use a custodial wallet, the provider can see **everything** you do; if you use a “lightweight” wallet where the provider retains your private view key, the provider can see almost everything you do. Some noncustodial wallets include:
- [Official Monero client](https://getmonero.org/downloads) (Desktop)
- [Cake Wallet](https://cakewallet.com/) (iOS, Android)
- Cake Wallet supports multiple cryptocurrencies. A Monero-only version of Cake Wallet is available at [Monero.com](https://monero.com/).
- [Feather Wallet](https://featherwallet.org/) (Desktop)
- [Monerujo](https://www.monerujo.io/) (Android)
For maximum privacy (even with a noncustodial wallet), you should run your own Monero node. Using another persons node will expose some information to them, such as the IP address that you connect to it from, the timestamps that you sync your wallet, and the transactions that you send from your wallet (though no other details about those transactions). Alternatively, you can connect to someone elses Monero node over Tor or i2p.
In August 2021, CipherTrace [announced](https://finance.yahoo.com/news/ciphertrace-announces-enhanced-monero-tracing-160000275.html) enhanced Monero tracing capabilities for government agencies. Public postings show that the US Department of the Treasury's Financial Crimes Enforcement Network [licensed](https://sam.gov/opp/d12cbe9afbb94ca68006d0f006d355ac/view) CipherTrace's "Monero Module" in late 2022.
Monero transaction graph privacy is limited by its relatively small ring signatures, especially against targeted attacks. Monero's privacy features have also been [called into question](https://web.archive.org/web/20180331203053/https://www.wired.com/story/monero-privacy/) by some security researchers, and a number of severe vulnerabilities have been found and patched in the past, so the claims made by organizations like CipherTrace are not out of the question. While it's unlikely that Monero mass surveillance tools exist like they do for Bitcoin and others, it's certain that tracing tools assist with targeted investigations.
Ultimately, Monero is the strongest contender for a privacy-friendly cryptocurrency, but its privacy claims have **not** been definitively proven one way or the other. More time and research is needed to assess whether Monero is resilient enough to attacks to always provide adequate privacy.
## Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
!!! example "This section is new"
We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
- Cryptocurrency must provide private/untraceable transactions by default.

3
i18n/pt-BR/data-redaction.md
View File

@@ -1,6 +1,7 @@
---
title: "Data and Metadata Redaction"
icon: material/tag-remove
description: Use these tools to remove metadata like GPS location and other identifying information from photos and files you share.
---
When sharing files, be sure to remove associated metadata. Image files commonly include [Exif](https://en.wikipedia.org/wiki/Exif) data. Photos sometimes even include GPS coordinates in the file metadata.
@@ -142,5 +143,3 @@ The app offers multiple ways to erase metadata from images. Namely:
- Apps developed for open-source operating systems must be open-source.
- Apps must be free and should not include ads or other limitations.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/desktop-browsers.md
View File

@@ -1,6 +1,7 @@
---
title: "Navegadores Desktop"
icon: material/laptop
description: Firefox and Brave are our recommendations for standard/non-anonymous browsing.
---
These are our currently recommended desktop web browsers and configurations for standard/non-anonymous browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead. In general, we recommend keeping your browser extensions to a minimum; they have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
@@ -258,6 +259,4 @@ Our best-case criteria represents what we would like to see from the perfect pro
- Must not replicate built-in browser or OS functionality.
- Must directly impact user privacy, i.e. must not simply provide information.
--8<-- "includes/abbreviations.pt-BR.txt"
[^1]: Brave's implementation is detailed at [Brave Privacy Updates: Partitioning network-state for privacy](https://brave.com/privacy-updates/14-partitioning-network-state/).

3
i18n/pt-BR/desktop.md
View File

@@ -1,6 +1,7 @@
---
title: "Desktop/PC"
icon: simple/linux
description: Linux distributions are commonly recommended for privacy protection and software freedom.
---
Linux distributions are commonly recommended for privacy protection and software freedom. If you don't already use Linux, below are some distributions we suggest trying out, as well as some general privacy and security improvement tips that are applicable to many Linux distributions.
@@ -180,5 +181,3 @@ Our recommended operating systems:
- Must support full-disk encryption during installation.
- Must not freeze regular releases for more than 1 year. We [do not recommend](os/linux-overview.md#release-cycle) "Long Term Support" or "stable" distro releases for desktop usage.
- Must support a wide variety of hardware.
--8<-- "includes/abbreviations.pt-BR.txt"

25
i18n/pt-BR/dns.md
View File

@@ -1,24 +1,23 @@
---
title: "Introdução ao DNS"
icon: material/dns
description: These are some encrypted DNS providers we recommend switching to, to replace your ISP's default configuration.
---
!!! Devo usar DNS criptografado?
DNS criptografado com servidores de terceiros só deve ser usado para contornar o [bloqueio básico de DNS](https://en.wikipedia.org/wiki/DNS_blocking) quando você pode ter certeza de que não haverá nenhuma consequência. DNS encriptada não irá te ajudar a esconder qualquer uma das suas atividades de navegação.
Encrypted DNS with a 3rd party should only be used to get around redirects and basic <a href="https://en.wikipedia.org/wiki/DNS_blocking">DNS blocking</a> when you can be sure there won't be any consequences or you're interested in a provider that does some rudimentary filtering. Encrypted DNS will not help you hide any of your browsing activity.
[Learn more about DNS](advanced/dns-overview.md){ .md-button }
[Saiba mais sobre DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md ""){.md-button}
## Provedores Recomendados
| DNS | Privacy Policy | Protocol | Logging | ECS | Filtering |
| ------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ------------ | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [**AdGuard**](https://adguard.com/en/adguard-dns/overview.html) | [:octicons-link-external-24:](https://adguard.com/en/privacy/dns.html) | Cleartext <br> DoH/3 <br> DoT <br> DNSCrypt | Some[^1] | 2 | Based on server choice. Filter list being used can be found here. [**DNS over HTTPS**](https://en.wikipedia.org/wiki/DNS_over_HTTPS) as defined in [RFC 8484](https://datatracker.ietf.org/doc/html/rfc8484) packages queries in the [HTTP/2](https://en.wikipedia.org/wiki/HTTP/2) protocol and provides security with HTTPS. Support was first added in web browsers such as Firefox 60 and Chrome 83. |
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1/) | [:octicons-link-external-24:](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/) | Cleartext <br> DoH/3 <br> DoT | Some[^2] | 2 | Based on server choice. |
| [**Control D**](https://controld.com/free-dns) | [:octicons-link-external-24:](https://controld.com/privacy) | Cleartext <br> DoH/3 <br> DoT <br> DoQ | Optional[^3] | 2 | Based on server choice. |
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | [:octicons-link-external-24:](https://mullvad.net/en/help/no-logging-data-policy/) | DoH <br> DoT | No[^4] | 2 | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) |
| [**NextDNS**](https://www.nextdns.io) | [:octicons-link-external-24:](https://www.nextdns.io/privacy) | Cleartext <br> DoH/3 <br> DoT | Optional[^5] | Optional | Based on server choice. |
| [**Quad9**](https://quad9.net) | [:octicons-link-external-24:](https://quad9.net/privacy/policy/) | Cleartext <br> DoH <br> DoT <br> DNSCrypt | Some[^6] | Optional | Based on server choice, Malware blocking by default. |
| Provedor de DNS | Política de Privacidade | Protocolos | Registro | ECS | Filtragem |
| ------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ------------ | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [**AdGuard**](https://adguard.com/en/adguard-dns/overview.html) | [:octicons-link-external-24:](https://adguard.com/en/privacy/dns.html) | Cleartext <br> DoH/3 <br> DoT <br> DNSCrypt | Some[^1] | Não | Baseado na escolha do servidor. As listas de filtragem usadas podem ser encontradas aqui. [**DNS over HTTPS**](https://en.wikipedia.org/wiki/DNS_over_HTTPS) as defined in [RFC 8484](https://datatracker.ietf.org/doc/html/rfc8484) packages queries in the [HTTP/2](https://en.wikipedia.org/wiki/HTTP/2) protocol and provides security with HTTPS. Support was first added in web browsers such as Firefox 60 and Chrome 83. |
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1/) | [:octicons-link-external-24:](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/) | Cleartext <br> DoH/3 <br> DoT | Some[^2] | Não | Baseado na escolha do servidor. |
| [**Control D**](https://controld.com/free-dns) | [:octicons-link-external-24:](https://controld.com/privacy) | Cleartext <br> DoH/3 <br> DoT <br> DoQ | Optional[^3] | Não | Baseado na escolha do servidor. |
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | [:octicons-link-external-24:](https://mullvad.net/en/help/no-logging-data-policy/) | DoH <br> DoT | No[^4] | Não | Baseado na escolha do servidor. As listas de filtragem usadas podem ser encontradas aqui. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) |
| [**NextDNS**](https://www.nextdns.io) | [:octicons-link-external-24:](https://www.nextdns.io/privacy) | Cleartext <br> DoH/3 <br> DoT | Optional[^5] | Optional | Baseado na escolha do servidor. |
| [**Quad9**](https://quad9.net) | [:octicons-link-external-24:](https://quad9.net/privacy/policy/) | Cleartext <br> DoH <br> DoT <br> DNSCrypt | Some[^6] | Optional | Based on server choice, Malware blocking by default. |
## Criteria
@@ -131,8 +130,6 @@ A self-hosted DNS solution is useful for providing filtering on controlled platf
[:octicons-code-16:](https://github.com/pi-hole/pi-hole){ .card-link title="Source Code" }
[:octicons-heart-16:](https://pi-hole.net/donate){ .card-link title=Contribute }
--8<-- "includes/abbreviations.pt-BR.txt"
[^1]: AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested in within last 24 hours. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard.com/en/privacy/dns.html](https://adguard.com/en/privacy/dns.html)
[^2]: Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/)
[^3]: Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data. [https://controld.com/privacy](https://controld.com/privacy)

3
i18n/pt-BR/email-clients.md
View File

@@ -1,6 +1,7 @@
---
title: "Email Clients"
icon: material/email-open
description: These email clients are privacy-respecting and support OpenPGP email encryption.
---
Our recommendation list contains email clients that support both [OpenPGP](encryption.md#openpgp) and strong authentication such as [Open Authorization (OAuth)](https://en.wikipedia.org/wiki/OAuth). OAuth allows you to use [Multi-Factor Authentication](basics/multi-factor-authentication.md) and prevent account theft.
@@ -235,5 +236,3 @@ Our best-case criteria represents what we would like to see from the perfect pro
- Should not collect any telemetry by default.
- Should support OpenPGP natively, i.e. without extensions.
- Should support storing OpenPGP encrypted emails locally.
--8<-- "includes/abbreviations.pt-BR.txt"

235
i18n/pt-BR/email.md
View File

@@ -1,41 +1,52 @@
---
title: "Email Services"
icon: material/email
description: These email providers offer a great place to store your emails securely, and many offer interoperable OpenPGP encryption with other providers.
---
Email is practically a necessity for using any online service, however we do not recommend it for person-to-person conversations. Rather than using email to contact other people, consider using an instant messaging medium that supports forward secrecy.
Email é praticamente uma necessidade para utilizar qualquer serviço online, contudo não recomendamos ele para conversas pessoas pessoa-a-pessoa. Ao invés de utilizar email para falar com outras pessoas, considere utilizar um meio de mensagens instantâneas que suporte sigilo encaminhado.
[Recommended Instant Messengers](real-time-communication.md ""){.md-button}
[Mensageiros Instantâneos Recomendados](real-time-communication.md ""){.md-button}
For everything else, we recommend a variety of email providers based on sustainable business models and built-in security and privacy features.
Para qualquer outra coisa, recomendamos uma variedade de provedores de email baseados em modelos de negócio sustentáveis e recursos de segurança e privacidade incorporados.
## OpenPGP Compatible Services
- [OpenPGP-Compatible Email Providers :material-arrow-right-drop-circle:](#openpgp-compatible-services)
- [Other Encrypted Providers :material-arrow-right-drop-circle:](#more-providers)
- [Email Aliasing Services :material-arrow-right-drop-circle:](#email-aliasing-services)
- [Self-Hosted Options :material-arrow-right-drop-circle:](#self-hosting-email)
These providers natively support OpenPGP encryption/decryption, allowing for provider-agnostic E2EE emails. For example, a Proton Mail user could send an E2EE message to a Mailbox.org user, or you could receive OpenPGP-encrypted notifications from internet services which support it.
## Serviços Compatíveis com OpenPGP
!!! warning
These providers natively support OpenPGP encryption/decryption and the Web Key Directory (WKD) standard, allowing for provider-agnostic E2EE emails. Por exemplo, um usuário do Proton Mail pode mandar uma mensagem E2EE para um usuário de Mailbox.org, ou você pode receber notificações OpenPGP-encriptadas de serviços de internet que suportam isso.
When using E2EE technology like OpenPGP, email will still have some metadata that is not encrypted in the header of the email. Read more about [email metadata](basics/email-security.md#email-metadata-overview).
<div class="grid cards" markdown>
- ![Proton Mail logo](assets/img/email/protonmail.svg){ .twemoji } [Proton Mail](email.md#proton-mail)
- ![Mailbox.org logo](assets/img/email/mailboxorg.svg){ .twemoji } [Mailbox.org](email.md#mailboxorg)
</div>
!!! aviso
Quando usada tecnologia E2EE como OpenPGP, o email ainda terá alguns metadados que não são encriptados no cabeçalho do email. Leia mais sobre [metadados de email](basics/email-security.md#email-metadata-overview).
OpenPGP also does not support Forward secrecy, which means if either your or the recipient's private key is ever stolen, all previous messages encrypted with it will be exposed. [How do I protect my private keys?](basics/email-security.md#how-do-i-protect-my-private-keys)
OpenPGP também não suporta Sigilo Encaminhado, isso significa que se a sua chave ou a do destinatário é alguma vez roubada, todas as mensagens anteriores encriptadas com essa chave serão expostas. [Como eu protejo minhas chaves privadas?](basics/email-security.md#how-do-i-protect-my-private-keys)
### Proton Mail
!!! recommendation
![Proton Mail logo](assets/img/email/protonmail.svg){ align=right }
![logo do Proton Mail](assets/img/email/protonmail.svg){ align=right }
**Proton Mail** is an email service with a focus on privacy, encryption, security, and ease of use. They have been in operation since **2013**. Proton AG is based in Genève, Switzerland. Accounts start with 500 MB storage with their free plan.
**Proton Mail** é um serviço de email com foco na privacidade, criptografia, segurança, e facilidade de uso. Eles estão operando desde **2013**. Proton AG é localizado em Genève, Suíça. As contas começam com 500 MB de armazenamento com seu plano grátis.
[:octicons-home-16: Homepage](https://proton.me/mail){ .md-button .md-button--primary }
[:simple-torbrowser:](https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion){ .card-link title="Onion Service" }
[:octicons-eye-16:](https://proton.me/legal/privacy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://proton.me/support/mail){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/ProtonMail){ .card-link title="Source Code" }
[:octicons-home-16: Página Inicial](https://proton.me/mail){ .md-button .md-button--primary }
[:simple-torbrowser:](https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion){ .card-link title="Serviço Onion" }
[:octicons-eye-16:](https://proton.me/legal/privacy){ .card-link title="Política de Privacidade" }
[:octicons-info-16:](https://proton.me/support/mail){ .card-link title=Documentação}
[:octicons-code-16:](https://github.com/ProtonMail){ .card-link title="Código-Fonte" }
??? downloads
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=ch.protonmail.android)
??? - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=ch.protonmail.android)
- [:simple-appstore: App Store](https://apps.apple.com/app/apple-store/id979659905)
- [:simple-github: GitHub](https://github.com/ProtonMail/proton-mail-android/releases)
- [:simple-windows11: Windows](https://proton.me/mail/bridge#download)
@@ -43,47 +54,47 @@ These providers natively support OpenPGP encryption/decryption, allowing for pro
- [:simple-linux: Linux](https://proton.me/mail/bridge#download)
- [:octicons-browser-16: Web](https://mail.proton.me)
Free accounts have some limitations, such as not being able to search body text and not having access to [Proton Mail Bridge](https://proton.me/mail/bridge), which is required to use a [recommended desktop email client](email-clients.md) (e.g. Thunderbird). Paid accounts include features like Proton Mail Bridge, additional storage, and custom domain support. A [letter of attestation](https://proton.me/blog/security-audit-all-proton-apps) was provided for Proton Mail's apps on 9th November 2021 by [Securitum](https://research.securitum.com).
Contas gratuitas têm algumas limitações, como não poderem pesquisar no corpo de texto e não ter acesso à [Ponte Proton Mail](https://proton.me/mail/bridge), o que é requerido para usar um [cliente de email desktop recomendado](email-clients.md) (ex. Thunderbird). Contas pagas incluem funcionalidades como a Ponte Proton Mail, mais armazenamento, e suporte para domínios customizados. Uma [carta de atestação](https://proton.me/blog/security-audit-all-proton-apps) foi fornecida para os apps do Proton Mail em 9 de Novembro de 2021 pela [Securitium](https://research.securitum.com).
If you have the Proton Unlimited, Business, or Visionary Plan, you also get [SimpleLogin](#simplelogin) Premium for free.
Se você tem o Proton Unlimited, Bussiness, ou Visionary Plan, você também ganha o [SimpleLogin](#simplelogin) Premium de graça.
Proton Mail has internal crash reports that they **do not** share with third parties. This can be disabled in: **Settings** > **Go to Settings** > **Account** > **Security and privacy** > **Send crash reports**.
??? success "Custom Domains and Aliases"
#### :material-check:{ .pg-green } Custom Domains and Aliases
Paid Proton Mail subscribers can use their own domain with the service or a [catch-all](https://proton.me/support/catch-all) address. Proton Mail also supports [subaddressing](https://proton.me/support/creating-aliases), which is useful for people who don't want to purchase a domain.
Paid Proton Mail subscribers can use their own domain with the service or a [catch-all](https://proton.me/support/catch-all) address. Proton Mail also supports [subaddressing](https://proton.me/support/creating-aliases), which is useful for people who don't want to purchase a domain.
??? success "Private Payment Methods"
#### :material-check:{ .pg-green } Private Payment Methods
Proton Mail [accepts](https://proton.me/support/payment-options) Bitcoin and cash by mail in addition to standard credit/debit card and PayPal payments.
Proton Mail [accepts](https://proton.me/support/payment-options) cash by mail in addition to standard credit/debit card, [Bitcoin](advanced/payments.md#other-coins-bitcoin-ethereum-etc), and PayPal payments.
??? success "Account Security"
#### :material-check:{ .pg-green } Account Security
Proton Mail supports TOTP [two factor authentication](https://proton.me/support/two-factor-authentication-2fa) only. The use of a U2F security key is not yet supported. Proton Mail is planning to implement U2F upon completion of their [Single Sign On (SSO)](https://reddit.com/comments/cheoy6/comment/feh2lw0/) code.
Proton Mail supports TOTP [two factor authentication](https://proton.me/support/two-factor-authentication-2fa) only. The use of a U2F security key is not yet supported. Proton Mail is planning to implement U2F upon completion of their [Single Sign On (SSO)](https://reddit.com/comments/cheoy6/comment/feh2lw0/) code.
??? success "Data Security"
#### :material-check:{ .pg-green } Data Security
Proton Mail has [zero-access encryption](https://proton.me/blog/zero-access-encryption) at rest for your emails and [calendars](https://proton.me/news/protoncalendar-security-model). Data secured with zero-access encryption is only accessible by you.
Certain information stored in [Proton Contacts](https://proton.me/support/proton-contacts), such as display names and email addresses, are not secured with zero-access encryption. Contact fields that support zero-access encryption, such as phone numbers, are indicated with a padlock icon.
Proton Mail has [zero-access encryption](https://proton.me/blog/zero-access-encryption) at rest for your emails and [calendars](https://proton.me/news/protoncalendar-security-model). Data secured with zero-access encryption is only accessible by you.
??? success "Email Encryption"
Certain information stored in [Proton Contacts](https://proton.me/support/proton-contacts), such as display names and email addresses, are not secured with zero-access encryption. Contact fields that support zero-access encryption, such as phone numbers, are indicated with a padlock icon.
Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to-use-pgp) in their webmail. Emails to other Proton Mail accounts are encrypted automatically, and encryption to non-Proton Mail addresses with an OpenPGP key can be enabled easily in your account settings. They also allow you to [encrypt messages to non-Proton Mail addresses](https://proton.me/support/password-protected-emails) without the need for them to sign up for a Proton Mail account or use software like OpenPGP.
Proton Mail also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily, for cross-provider E2EE.
#### :material-check:{ .pg-green } Email Encryption
??? warning "Digital Legacy"
Proton Mail has [integrated OpenPGP encryption](https://proton.me/support/how-to-use-pgp) in their webmail. Emails to other Proton Mail accounts are encrypted automatically, and encryption to non-Proton Mail addresses with an OpenPGP key can be enabled easily in your account settings. They also allow you to [encrypt messages to non-Proton Mail addresses](https://proton.me/support/password-protected-emails) without the need for them to sign up for a Proton Mail account or use software like OpenPGP.
Proton Mail doesn't offer a digital legacy feature.
Proton Mail also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people who don't use Proton Mail to find the OpenPGP keys of Proton Mail accounts easily, for cross-provider E2EE.
??? info "Account Termination"
#### :material-alert-outline:{ .pg-orange } Digital Legacy
If you have a paid account and your [bill is unpaid](https://proton.me/support/delinquency) after 14 days, you won't be able to access your data. After 30 days, your account will become delinquent and won't receive incoming mail. You will continue to be billed during this period.
Proton Mail doesn't offer a digital legacy feature.
??? info "Additional Functionality"
#### :material-information-outline:{ .pg-blue } Account Termination
Proton Mail offers an "Unlimited" account for €9.99/Month, which also enables access to Proton VPN in addition to providing multiple accounts, domains, aliases, and 500GB of storage.
If you have a paid account and your [bill is unpaid](https://proton.me/support/delinquency) after 14 days, you won't be able to access your data. After 30 days, your account will become delinquent and won't receive incoming mail. You will continue to be billed during this period.
#### :material-information-outline:{ .pg-blue } Additional Functionality
Proton Mail offers an "Unlimited" account for €9.99/Month, which also enables access to Proton VPN in addition to providing multiple accounts, domains, aliases, and 500GB of storage.
### Mailbox.org
@@ -101,43 +112,54 @@ Proton Mail has internal crash reports that they **do not** share with third par
- [:octicons-browser-16: Web](https://login.mailbox.org)
??? success "Custom Domains and Aliases"
#### :material-check:{ .pg-green } Custom Domains and Aliases
Mailbox.org lets you use your own domain, and they support [catch-all](https://kb.mailbox.org/display/MBOKBEN/Using+catch-all+alias+with+own+domain) addresses. Mailbox.org also supports [subaddressing](https://kb.mailbox.org/display/BMBOKBEN/What+is+an+alias+and+how+do+I+use+it), which is useful if you don't want to purchase a domain.
Mailbox.org lets you use your own domain, and they support [catch-all](https://kb.mailbox.org/display/MBOKBEN/Using+catch-all+alias+with+own+domain) addresses. Mailbox.org also supports [subaddressing](https://kb.mailbox.org/display/BMBOKBEN/What+is+an+alias+and+how+do+I+use+it), which is useful if you don't want to purchase a domain.
??? info "Private Payment Methods"
#### :material-check:{ .pg-green } Private Payment Methods
Mailbox.org doesn't accept Bitcoin or any other cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept Cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and couple of German-specific processors: paydirekt and Sofortüberweisung.
Mailbox.org doesn't accept any cryptocurrencies as a result of their payment processor BitPay suspending operations in Germany. However, they do accept Cash by mail, cash payment to bank account, bank transfer, credit card, PayPal and couple of German-specific processors: paydirekt and Sofortüberweisung.
??? success "Account Security"
#### :material-check:{ .pg-green } Account Security
Mailbox.org supports [two factor authentication](https://kb.mailbox.org/display/MBOKBEN/How+to+use+two-factor+authentication+-+2FA) for their webmail only. You can use either TOTP or a [Yubikey](https://en.wikipedia.org/wiki/YubiKey) via the [Yubicloud](https://www.yubico.com/products/services-software/yubicloud). Web standards such as [WebAuthn](https://en.wikipedia.org/wiki/WebAuthn) are not yet supported.
Mailbox.org supports [two factor authentication](https://kb.mailbox.org/display/MBOKBEN/How+to+use+two-factor+authentication+-+2FA) for their webmail only. You can use either TOTP or a [Yubikey](https://en.wikipedia.org/wiki/YubiKey) via the [Yubicloud](https://www.yubico.com/products/services-software/yubicloud). Web standards such as [WebAuthn](https://en.wikipedia.org/wiki/WebAuthn) are not yet supported.
??? info "Data Security"
#### :material-information-outline:{ .pg-blue } Data Security
Mailbox.org allows for encryption of incoming mail using their [encrypted mailbox](https://kb.mailbox.org/display/MBOKBEN/The+Encrypted+Mailbox). New messages that you receive will then be immediately encrypted with your public key.
However, [Open-Exchange](https://en.wikipedia.org/wiki/Open-Xchange), the software platform used by Mailbox.org, [does not support](https://kb.mailbox.org/display/BMBOKBEN/Encryption+of+calendar+and+address+book) the encryption of your address book and calendar. A [standalone option](calendar.md) may be more appropriate for that information.
Mailbox.org allows for encryption of incoming mail using their [encrypted mailbox](https://kb.mailbox.org/display/MBOKBEN/The+Encrypted+Mailbox). New messages that you receive will then be immediately encrypted with your public key.
??? success "Email Encryption"
However, [Open-Exchange](https://en.wikipedia.org/wiki/Open-Xchange), the software platform used by Mailbox.org, [does not support](https://kb.mailbox.org/display/BMBOKBEN/Encryption+of+calendar+and+address+book) the encryption of your address book and calendar. A [standalone option](calendar.md) may be more appropriate for that information.
Mailbox.org has [integrated encryption](https://kb.mailbox.org/display/MBOKBEN/Send+encrypted+e-mails+with+Guard) in their webmail, which simplifies sending messages to people with public OpenPGP keys. They also allow [remote recipients to decrypt an email](https://kb.mailbox.org/display/MBOKBEN/My+recipient+does+not+use+PGP) on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.
Mailbox.org also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily, for cross-provider E2EE.
#### :material-check:{ .pg-green } Email Encryption
??? success "Digital Legacy"
Mailbox.org has [integrated encryption](https://kb.mailbox.org/display/MBOKBEN/Send+encrypted+e-mails+with+Guard) in their webmail, which simplifies sending messages to people with public OpenPGP keys. They also allow [remote recipients to decrypt an email](https://kb.mailbox.org/display/MBOKBEN/My+recipient+does+not+use+PGP) on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.
Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
Mailbox.org also supports the discovery of public keys via HTTP from their [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). This allows people outside of Mailbox.org to find the OpenPGP keys of Mailbox.org accounts easily, for cross-provider E2EE.
??? info "Account Termination"
#### :material-check:{ .pg-green } Digital Legacy
Your account will be set to a restricted user account when your contract ends, after [30 days it will be irrevocably deleted](https://kb.mailbox.org/en/private/payment-article/what-happens-at-the-end-of-my-contract).
Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
??? info "Additional Functionality"
#### :material-information-outline:{ .pg-blue } Account Termination
You can access your Mailbox.org account via IMAP/SMTP using their [.onion service](https://kb.mailbox.org/display/MBOKBEN/The+Tor+exit+node+of+mailbox.org). However, their webmail interface cannot be accessed via their .onion service and you may experience TLS certificate errors.
All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
Your account will be set to a restricted user account when your contract ends, after [30 days it will be irrevocably deleted](https://kb.mailbox.org/en/private/payment-article/what-happens-at-the-end-of-my-contract).
#### :material-information-outline:{ .pg-blue } Additional Functionality
You can access your Mailbox.org account via IMAP/SMTP using their [.onion service](https://kb.mailbox.org/display/MBOKBEN/The+Tor+exit+node+of+mailbox.org). However, their webmail interface cannot be accessed via their .onion service and you may experience TLS certificate errors.
All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
## More Providers
These providers store your emails with zero-knowledge encryption, making them great options for keeping your stored emails secure. However, they don't support interoperable encryption standards for E2EE communications between providers.
<div class="grid cards" markdown>
- ![StartMail logo](assets/img/email/startmail.svg#only-light){ .twemoji }![StartMail logo](assets/img/email/startmail-dark.svg#only-dark){ .twemoji } [StartMail](email.md#startmail)
- ![Tutanota logo](assets/img/email/tutanota.svg){ .twemoji } [Tutanota](email.md#tutanota)
</div>
### StartMail
@@ -156,43 +178,39 @@ Proton Mail has internal crash reports that they **do not** share with third par
- [:octicons-browser-16: Web](https://mail.startmail.com/login)
??? success "Custom Domains and Aliases"
#### :material-check:{ .pg-green } Custom Domains and Aliases
Personal accounts can use [Custom or Quick](https://support.startmail.com/hc/en-us/articles/360007297457-Aliases) aliases. [Custom domains](https://support.startmail.com/hc/en-us/articles/4403911432209-Setup-a-custom-domain) are also available.
Personal accounts can use [Custom or Quick](https://support.startmail.com/hc/en-us/articles/360007297457-Aliases) aliases. [Custom domains](https://support.startmail.com/hc/en-us/articles/4403911432209-Setup-a-custom-domain) are also available.
??? warning "Private Payment Methods"
#### :material-alert-outline:{ .pg-orange } Private Payment Methods
StartMail accepts Visa, MasterCard, American Express and Paypal. StartMail also has other [payment options](https://support.startmail.com/hc/en-us/articles/360006620637-Payment-methods) such as Bitcoin (currently only for Personal accounts) and SEPA Direct Debit for accounts older than a year.
StartMail accepts Visa, MasterCard, American Express and Paypal. StartMail also has other [payment options](https://support.startmail.com/hc/en-us/articles/360006620637-Payment-methods) such as [Bitcoin](advanced/payments.md#other-coins-bitcoin-ethereum-etc) (currently only for Personal accounts) and SEPA Direct Debit for accounts older than a year.
??? success "Account Security"
#### :material-check:{ .pg-green } Account Security
StartMail supports TOTP two factor authentication [for webmail only](https://support.startmail.com/hc/en-us/articles/360006682158-Two-factor-authentication-2FA). They do not allow U2F security key authentication.
StartMail supports TOTP two factor authentication [for webmail only](https://support.startmail.com/hc/en-us/articles/360006682158-Two-factor-authentication-2FA). They do not allow U2F security key authentication.
??? info "Data Security"
#### :material-information-outline:{ .pg-blue } Data Security
StartMail has [zero access encryption at rest](https://www.startmail.com/en/whitepaper/#_Toc458527835), using their "user vault" system. When you log in, the vault is opened, and the email is then moved to the vault out of the queue where it is decrypted by the corresponding private key.
StartMail supports importing [contacts](https://support.startmail.com/hc/en-us/articles/360006495557-Import-contacts) however, they are only accessible in the webmail and not through protocols such as [CalDAV](https://en.wikipedia.org/wiki/CalDAV). Contacts are also not stored using zero knowledge encryption.
StartMail has [zero access encryption at rest](https://www.startmail.com/en/whitepaper/#_Toc458527835), using their "user vault" system. When you log in, the vault is opened, and the email is then moved to the vault out of the queue where it is decrypted by the corresponding private key.
??? success "Email Encryption"
StartMail supports importing [contacts](https://support.startmail.com/hc/en-us/articles/360006495557-Import-contacts) however, they are only accessible in the webmail and not through protocols such as [CalDAV](https://en.wikipedia.org/wiki/CalDAV). Contacts are also not stored using zero knowledge encryption.
StartMail has [integrated encryption](https://support.startmail.com/hc/en-us/sections/360001889078-Encryption) in their webmail, which simplifies sending encrypted messages with public OpenPGP keys.
#### :material-check:{ .pg-green } Email Encryption
??? warning "Digital Legacy"
StartMail has [integrated encryption](https://support.startmail.com/hc/en-us/sections/360001889078-Encryption) in their webmail, which simplifies sending encrypted messages with public OpenPGP keys. However, they do not support the Web Key Directory standard, making the discovery of a Startmail mailbox's public key more challenging for other email providers or clients.
StartMail does not offer a digital legacy feature.
#### :material-alert-outline:{ .pg-orange } Digital Legacy
??? info "Account Termination"
StartMail does not offer a digital legacy feature.
On account expiration, StartMail will permanently delete your account after [6 months in 3 phases](https://support.startmail.com/hc/en-us/articles/360006794398-Account-expiration).
#### :material-information-outline:{ .pg-blue } Account Termination
??? info "Additional Functionality"
On account expiration, StartMail will permanently delete your account after [6 months in 3 phases](https://support.startmail.com/hc/en-us/articles/360006794398-Account-expiration).
StartMail allows for proxying of images within emails. If you allow the remote image to be loaded, the sender won't know what your IP address is.
#### :material-information-outline:{ .pg-blue } Additional Functionality
## More Providers
These providers store your emails with zero-knowledge encryption, making them great options for keeping your stored emails secure. However, they don't support interoperable encryption standards for E2EE communications between providers.
StartMail allows for proxying of images within emails. If you allow the remote image to be loaded, the sender won't know what your IP address is.
### Tutanota
@@ -220,44 +238,51 @@ These providers store your emails with zero-knowledge encryption, making them gr
Tutanota doesn't support the [IMAP protocol](https://tutanota.com/faq/#imap) or the use of third-party [email clients](email-clients.md), and you also won't be able to add [external email accounts](https://github.com/tutao/tutanota/issues/544#issuecomment-670473647) to the Tutanota app. Neither [Email import](https://github.com/tutao/tutanota/issues/630) or [subfolders](https://github.com/tutao/tutanota/issues/927) are currently supported, though this is [due to be changed](https://tutanota.com/blog/posts/kickoff-import). Emails can be exported [individually or by bulk selection](https://tutanota.com/howto#generalMail) per folder, which may be inconvenient if you have many folders.
??? success "Custom Domains and Aliases"
#### :material-check:{ .pg-green } Custom Domains and Aliases
Paid Tutanota accounts can use up to 5 [aliases](https://tutanota.com/faq#alias) and [custom domains](https://tutanota.com/faq#custom-domain). Tutanota doesn't allow for [subaddressing (plus addresses)](https://tutanota.com/faq#plus), but you can use a [catch-all](https://tutanota.com/howto#settings-global) with a custom domain.
Paid Tutanota accounts can use up to 5 [aliases](https://tutanota.com/faq#alias) and [custom domains](https://tutanota.com/faq#custom-domain). Tutanota doesn't allow for [subaddressing (plus addresses)](https://tutanota.com/faq#plus), but you can use a [catch-all](https://tutanota.com/howto#settings-global) with a custom domain.
??? warning "Private Payment Methods"
#### :material-information-outline:{ .pg-blue } Private Payment Methods
Tutanota only directly accepts credit cards and PayPal, however Bitcoin and Monero can be used to purchase gift cards via their [partnership](https://tutanota.com/faq/#cryptocurrency) with Proxystore.
Tutanota only directly accepts credit cards and PayPal, however [cryptocurrency](cryptocurrency.md) can be used to purchase gift cards via their [partnership](https://tutanota.com/faq/#cryptocurrency) with Proxystore.
??? success "Account Security"
#### :material-check:{ .pg-green } Account Security
Tutanota supports [two factor authentication](https://tutanota.com/faq#2fa) with either TOTP or U2F.
Tutanota supports [two factor authentication](https://tutanota.com/faq#2fa) with either TOTP or U2F.
??? success "Data Security"
#### :material-check:{ .pg-green } Data Security
Tutanota has [zero access encryption at rest](https://tutanota.com/faq#what-encrypted) for your emails, [address book contacts](https://tutanota.com/faq#encrypted-address-book), and [calendars](https://tutanota.com/faq#calendar). This means the messages and other data stored in your account are only readable by you.
Tutanota has [zero access encryption at rest](https://tutanota.com/faq#what-encrypted) for your emails, [address book contacts](https://tutanota.com/faq#encrypted-address-book), and [calendars](https://tutanota.com/faq#calendar). This means the messages and other data stored in your account are only readable by you.
??? warning "Email Encryption"
#### :material-information-outline:{ .pg-blue } Email Encryption
Tutanota [does not use OpenPGP](https://www.tutanota.com/faq/#pgp). Tutanota accounts can only receive encrypted emails from non-Tutanota email accounts when sent via a [temporary Tutanota mailbox](https://www.tutanota.com/howto/#encrypted-email-external).
Tutanota [does not use OpenPGP](https://www.tutanota.com/faq/#pgp). Tutanota accounts can only receive encrypted emails from non-Tutanota email accounts when sent via a [temporary Tutanota mailbox](https://www.tutanota.com/howto/#encrypted-email-external).
??? warning "Digital Legacy"
#### :material-alert-outline:{ .pg-orange } Digital Legacy
Tutanota doesn't offer a digital legacy feature.
Tutanota doesn't offer a digital legacy feature.
??? info "Account Termination"
#### :material-information-outline:{ .pg-blue } Account Termination
Tutanota will [delete inactive free accounts](https://tutanota.com/faq#inactive-accounts) after six months. You can reuse a deactivated free account if you pay.
Tutanota will [delete inactive free accounts](https://tutanota.com/faq#inactive-accounts) after six months. You can reuse a deactivated free account if you pay.
??? info "Additional Functionality"
#### :material-information-outline:{ .pg-blue } Additional Functionality
Tutanota offers the business version of [Tutanota to non-profit organizations](https://tutanota.com/blog/posts/secure-email-for-non-profit) for free or with a heavy discount.
Tutanota also has a business feature called [Secure Connect](https://tutanota.com/secure-connect/). This ensures customer contact to the business uses E2EE. The feature costs €240/y.
Tutanota offers the business version of [Tutanota to non-profit organizations](https://tutanota.com/blog/posts/secure-email-for-non-profit) for free or with a heavy discount.
Tutanota also has a business feature called [Secure Connect](https://tutanota.com/secure-connect/). This ensures customer contact to the business uses E2EE. The feature costs €240/y.
## Email Aliasing Services
An email aliasing service allows you to easily generate a new email address for every website you register for. The email aliases you generate are then forwarded to an email address of your choosing, hiding both your "main" email address and the identity of your email provider. True email aliasing is better than plus addressing commonly used and supported by many providers, which allows you to create aliases like yourname+[anythinghere]@example.com, because websites, advertisers, and tracking networks can trivially remove anything after the + sign to know your true email address.
<div class="grid cards" markdown>
- ![AnonAddy logo](assets/img/email/anonaddy.svg#only-light){ .twemoji }![AnonAddy logo](assets/img/email/anonaddy-dark.svg#only-dark){ .twemoji } [AnonAddy](email.md#anonaddy)
- ![SimpleLogin logo](assets/img/email/simplelogin.svg){ .twemoji } [SimpleLogin](email.md#simplelogin)
</div>
Email aliasing can act as a safeguard in case your email provider ever ceases operation. In that scenario, you can easily re-route your aliases to a new email address. In turn, however, you are placing trust in the aliasing service to continue functioning.
Using a dedicated email aliasing service also has a number of benefits over a catch-all alias on a custom domain:
@@ -411,7 +436,7 @@ We prefer our recommended providers to collect as little data as possible.
**Best Case:**
- Accepts Bitcoin, cash, and other forms of cryptocurrency and/or anonymous payment options (gift cards, etc.)
- Aceita [opções de pagamento anônimas](advanced/payments.md) ([criptomoedas](cryptocurrency.md), dinheiro, cartões-presente, etc.)
### Security
@@ -428,7 +453,7 @@ Email servers deal with a lot of very sensitive data. We expect that providers w
- Valid [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities) records.
- Valid [SPF](https://en.wikipedia.org/wiki/Sender_Policy_Framework) and [DKIM](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail) records.
- Have a proper [DMARC](https://en.wikipedia.org/wiki/DMARC) record and policy or use [ARC](https://en.wikipedia.org/wiki/Authenticated_Received_Chain) for authentication. If DMARC authentication is being used, the policy must be set to `reject` or `quarantine`.
- A server suite preference of TLS 1.2 or later and a plan for [Deprecating TLSv1.0 and TLSv1.1](https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/).
- A server suite preference of TLS 1.2 or later and a plan for [RFC8996](https://datatracker.ietf.org/doc/rfc8996/).
- [SMTPS](https://en.wikipedia.org/wiki/SMTPS) submission, assuming SMTP is used.
- Website security standards such as:
- [HTTP Strict Transport Security](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security)
@@ -443,7 +468,7 @@ Email servers deal with a lot of very sensitive data. We expect that providers w
- Bug-bounty programs and/or a coordinated vulnerability-disclosure process.
- Website security standards such as:
- [Content Security Policy (CSP)](https://en.wikipedia.org/wiki/Content_Security_Policy)
- [Expect-CT](https://datatracker.ietf.org/doc/draft-ietf-httpbis-expect-ct)
- [RFC9163 Expect-CT](https://datatracker.ietf.org/doc/rfc9163/)
### Trust
@@ -481,5 +506,3 @@ Must not have any marketing which is irresponsible:
### Additional Functionality
While not strictly requirements, there are some other convenience or privacy factors we looked into when determining which providers to recommend.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/encryption.md
View File

@@ -1,6 +1,7 @@
---
title: "Softwares de Criptografia"
icon: material/file-lock
description: A criptografia de dados é a única maneira de controlar quem pode acessá-los. These tools allow you to encrypt your emails and any other files.
---
A criptografia de dados é a única maneira de controlar quem pode acessá-los. Se você atualmente não está usando “software” de criptografia para seu disco rígido, e-mails ou arquivos, você deve escolher uma opção aqui.
@@ -353,5 +354,3 @@ Our best-case criteria represents what we would like to see from the perfect pro
- Operating System (FDE) encryption apps should utilize hardware security such as a TPM or Secure Enclave.
- File encryption apps should have first- or third-party support for mobile platforms.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/file-sharing.md
View File

@@ -1,6 +1,7 @@
---
title: "File Sharing and Sync"
icon: material/share-variant
description: Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
---
Discover how to privately share your files between your devices, with your friends and family, or anonymously online.
@@ -145,5 +146,3 @@ Our best-case criteria represents what we would like to see from the perfect pro
- Has mobile clients for iOS and Android, which at least support document previews.
- Supports photo backup from iOS and Android, and optionally supports file/folder sync on Android.
--8<-- "includes/abbreviations.pt-BR.txt"

94
i18n/pt-BR/financial-services.md Normal file
View File

@@ -0,0 +1,94 @@
---
title: Serviços Financeiros
icon: material/bank
---
Making payments online is one of the biggest challenges to privacy. These services can assist you in protecting your privacy from merchants and other trackers, provided you have a strong understanding of how to make private payments effectively. We strongly encourage you first read our payments overview article before making any purchases:
[Making Private Payments :material-arrow-right-drop-circle:](advanced/payments.md ""){.md-button}
## Serviços de Mascaramento de Pagamento
There are a number of services which provide "virtual debit cards" which you can use with online merchants without revealing your actual banking or billing information in most cases. It's important to note that these financial services are **not** anonymous and are subject to "Know Your Customer" (KYC) laws and may require your ID or other identifying information. These services are primarily useful for protecting you from merchant data breaches, less sophisticated tracking or purchase correlation by marketing agencies, and online data theft; and **not** for making a purchase completely anonymously.
!!! tip "Check your current bank"
Many banks and credit card providers offer native virtual card functionality. If you use one which provides this option already, you should use it over the following recommendations in most cases. That way you are not trusting multiple parties with your personal information.
### Privacy.com (US)
!!! recommendation
![Privacy.com logo](assets/img/financial-services/privacy_com.svg#only-light){ align=right }
![Privacy.com logo](assets/img/financial-services/privacy_com-dark.svg#only-dark){ align=right }
**Privacy.com**'s free plan allows you to create up to 12 virtual cards per month, set spend limits on those cards, and shut off cards instantly. Their paid plan allows you to create up to 36 cards per month, get 1% cash back on purchases, and hide transaction information from your bank.
[:octicons-home-16: Homepage](https://privacy.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://privacy.com/privacy-policy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://support.privacy.com/hc/en-us){ .card-link title=Documentation}
Privacy.com gives information about the merchants you purchase from to your bank by default. Their paid "discreet merchants" feature hides merchant information from your bank, so your bank only sees that a purchase was made with Privacy.com but not where that money was spent, however that is not foolproof, and of course Privacy.com still has knowledge about the merchants you are spending money with.
### MySudo (US, Paid)
!!! recommendation
![MySudo logo](assets/img/financial-services/mysudo.svg#only-light){ align=right }
![MySudo logo](assets/img/financial-services/mysudo-dark.svg#only-dark){ align=right }
**MySudo** provides up to 9 virtual cards depending on the plan you purchase. Their paid plans additionally include functionality which may be useful for making purchases privately, such as virtual phone numbers and email addresses, although we typically recommend other [email aliasing providers](email.md) for extensive email aliasing use.
[:octicons-home-16: Homepage](https://mysudo.com/){ .md-button .md-button--primary }
[:octicons-eye-16:](https://anonyome.com/privacy-policy/){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://support.mysudo.com/hc/en-us){ .card-link title=Documentation}
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
!!! example "This section is new"
We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
- Allows the creation of multiple cards which function as a shield between the merchant and your personal finances.
- Cards must not require you to provide accurate billing address information to the merchant.
## Gift Card Marketplaces
These services allow you to purchase gift cards for a variety of merchants online with [cryptocurrency](cryptocurrency.md). Some of these services offer ID verification options for higher limits, but they also allow accounts with just an email address. Basic limits typically start at $5,000-10,000 a day for basic accounts, and significantly higher limits for ID verified accounts (if offered).
### Cake Pay
!!! recommendation
![CakePay logo](assets/img/financial-services/cakepay.svg){ align=right }
**Cake Pay** allows you to purchase gift cards and related products with Monero. Purchases for USA merchants are available in the Cake Wallet mobile app, while the Cake Pay web app includes a broad selection of global merchants.
[:octicons-home-16: Homepage](https://cakepay.com/){ .md-button .md-button--primary }
[:octicons-eye-16:](https://ionia.docsend.com/view/jhjvdn7qq7k3ukwt){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://guides.cakewallet.com/){ .card-link title=Documentation}
### CoinCards
!!! recommendation
![CakePay logo](assets/img/financial-services/coincards.svg){ align=right }
**CoinCards** (available in the US, Canada, and UK) allows you to purchase gift cards for a large variety of merchants.
[:octicons-home-16: Homepage](https://coincards.com/){ .md-button .md-button--primary }
[:octicons-eye-16:](https://coincards.com/privacy-policy/){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://coincards.com/frequently-asked-questions/){ .card-link title=Documentation}
### Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
!!! example "This section is new"
We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
- Accepts payment in [a recommended cryptocurrency](cryptocurrency.md).
- No ID requirement.

3
i18n/pt-BR/frontends.md
View File

@@ -1,6 +1,7 @@
---
title: "Frontends"
icon: material/flip-to-front
description: These open-source frontends for various internet services allow you to access content without JavaScript or other annoyances.
---
Sometimes services will try to force you to sign up for an account by blocking access to content with annoying popups. They might also break without JavaScript enabled. These frontends can allow you to get around these restrictions.
@@ -264,5 +265,3 @@ Recommended frontends...
We only consider frontends for websites which are...
- Not normally accessible without JavaScript.
--8<-- "includes/abbreviations.pt-BR.txt"

2
i18n/pt-BR/index.md
View File

@@ -40,5 +40,3 @@ Tentar proteger todos os seus dados de todos — o tempo todo — é impraticáv
[:material-hand-coin-outline:](about/donate.md){ title="Apoie o projeto" }
É importante que um site como o Privacy Guides esteja sempre atualizado. Precisamos que nosso público fique de olho nas atualizações de software para os aplicativos listados em nosso site e acompanhe as notícias recentes sobre os serviços que recomendamos. É difícil acompanhar o ritmo acelerado da internet, mas tentamos o nosso melhor. Se você detectar um erro, achar que um serviço não deve ser listado, notar que um serviço qualificado está faltando, acreditar que uma extensão de navegador não é mais a melhor escolha ou descobrir qualquer outro problema, informe-nos.
--8<-- "includes/abbreviations.pt-BR.txt"

5
i18n/pt-BR/kb-archive.md
View File

@@ -1,11 +1,12 @@
---
title: KB Archive
icon: material/archive
description: Some pages that used to be in our knowledge base can now be found on our blog.
---
# Pages Moved to Blog
Some pages that used to be in our knowledge base can now be found on our blog:
Algumas páginas que costumavam estar em nossa base de conhecimento agora podem ser encontradas em nosso blog:
- [GrapheneOS vs. CalyxOS](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/)
- [Signal Configuration Hardening](https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening/)
@@ -14,5 +15,3 @@ Some pages that used to be in our knowledge base can now be found on our blog:
- [Secure Data Erasure](https://blog.privacyguides.org/2022/05/25/secure-data-erasure/)
- [Integrando a remoção de metadados](https://blog.privacyguides.org/2022/04/09/integrating-metadata-removal/)
- [iOS Configuration Guide](https://blog.privacyguides.org/2022/10/22/ios-configuration-guide/)
--8<-- "includes/abbreviations.pt-BR.txt"

2
i18n/pt-BR/meta/brand.md
View File

@@ -20,5 +20,3 @@ Additional branding guidelines can be found at [github.com/privacyguides/brand](
"Privacy Guides" and the shield logo are trademarks owned by Jonah Aragon, unlimited usage is granted to the Privacy Guides project.
Without waiving any of its rights, Privacy Guides does not advise others on the scope of its intellectual property rights. Privacy Guides does not permit or consent to any use of its trademarks in any manner that is likely to cause confusion by implying association with or sponsorship by Privacy Guides. If you are aware of any such use, please contact Jonah Aragon at jonah@privacyguides.org. Consult your legal counsel if you have questions.
--8<-- "includes/abbreviations.pt-BR.txt"

2
i18n/pt-BR/meta/git-recommendations.md
View File

@@ -44,5 +44,3 @@ If you are working on your own branch, run these commands before submitting a PR
git fetch origin
git rebase origin/main
```
--8<-- "includes/abbreviations.pt-BR.txt"

10
i18n/pt-BR/meta/uploading-images.md
View File

@@ -1,10 +1,10 @@
---
title: Uploading Images
title: Enviando Imagens
---
Here are a couple of general rules for contributing to Privacy Guides:
## Images
## Imagens
- We **prefer** SVG images, but if those do not exist we can use PNG images
@@ -13,7 +13,7 @@ Company logos have canvas size of:
- 128x128px
- 384x128px
## Optimization
## Otimização
### PNG
@@ -31,7 +31,7 @@ optipng -o7 file.png
In Inkscape:
1. File Save As..
1. Salvar Arquivo Como..
2. Set type to Optimized SVG (*.svg)
In the **Options** tab:
@@ -87,5 +87,3 @@ scour --set-precision=5 \
--protect-ids-noninkscape \
input.svg output.svg
```
--8<-- "includes/abbreviations.pt-BR.txt"

2
i18n/pt-BR/meta/writing-style.md
View File

@@ -85,5 +85,3 @@ Source: [plainlanguage.gov](https://www.plainlanguage.gov/guidelines/conversatio
> - “must not” for a prohibition
> - “may” for a discretionary action
> - “should” for a recommendation
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/mobile-browsers.md
View File

@@ -1,6 +1,7 @@
---
title: "Mobile Browsers"
icon: material/cellphone-information
description: These browsers are what we currently recommend for standard/non-anonymous internet browsing on your phone.
---
These are our currently recommended mobile web browsers and configurations for standard/non-anonymous internet browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead. In general, we recommend keeping extensions to a minimum; they have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
@@ -189,5 +190,3 @@ Additional filter lists do slow things down and may increase your attack surface
- Must not replicate built-in browser or OS functionality.
- Must directly impact user privacy, i.e. must not simply provide information.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/multi-factor-authentication.md
View File

@@ -1,6 +1,7 @@
---
title: "Multi-Factor Authenticators"
icon: 'material/two-factor-authentication'
description: These tools assist you with securing your internet accounts with Multi-Factor Authentication without sending your secrets to a third-party.
---
## Hardware Security Keys
@@ -140,5 +141,3 @@ We highly recommend that you use mobile TOTP apps instead of desktop alternative
- Must not require internet connectivity.
- Must not sync to a third-party cloud sync/backup service.
- **Optional** E2EE sync support with OS-native tools is acceptable, e.g. encrypted sync via iCloud.
--8<-- "includes/abbreviations.pt-BR.txt"

5
i18n/pt-BR/news-aggregators.md
View File

@@ -1,9 +1,10 @@
---
title: "News Aggregators"
icon: material/rss
description: These news aggregator clients let you keep up with your favorite blogs and news sites using internet standards like RSS.
---
A [news aggregator](https://en.wikipedia.org/wiki/News_aggregator) is a way to keep up with your favourite blogs and news sites.
A [news aggregator](https://en.wikipedia.org/wiki/News_aggregator) is a way to keep up with your favorite blogs and news sites.
## Aggregator clients
@@ -169,5 +170,3 @@ You can subscribe YouTube channels without logging in and associating usage info
```text
https://www.youtube.com/feeds/videos.xml?channel_id=[CHANNEL ID]
```
--8<-- "includes/abbreviations.pt-BR.txt"

39
i18n/pt-BR/notebooks.md
View File

@@ -1,27 +1,28 @@
---
title: "Notebooks"
title: "Blocos de Notas"
icon: material/notebook-edit-outline
description: These encrypted note-taking apps let you keep track of your notes without giving them to a third-party.
---
Keep track of your notes and journalings without giving them to a third-party.
Mantenha o controle de suas anotações e registros de atividades sem entregá-los a terceiros.
If you are currently using an application like Evernote, Google Keep, or Microsoft OneNote, we suggest you pick an alternative here that supports E2EE.
Se você estiver usando atualmente um aplicativo como Evernote, Google Keep, ou Microsoft OneNote, sugerimos que escolha uma alternativa que suporte E2EE.
## Cloud-based
## Baseado na nuvem
### Joplin
!!! recommendation
![Joplin logo](assets/img/notebooks/joplin.svg){ align=right }
![Logotipo Joplin](assets/img/notebooks/joplin.svg){ align=right }
**Joplin** is a free, open-source, and fully-featured note-taking and to-do application which can handle a large number of markdown notes organized into notebooks and tags. It offers E2EE and can sync through Nextcloud, Dropbox, and more. It also offers easy import from Evernote and plain-text notes.
* *Joplin** é um aplicativo de anotações e tarefas gratuito, de código aberto e com todos os recursos que pode lidar com um grande número de anotações organizadas em blocos de anotações e tags. Ele oferece E2EE e pode sincronizar através do Nextcloud, Dropbox e muito mais. Oferece também uma importação fácil a partir do Evernote e notas de texto simples.
[:octicons-home-16: Homepage](https://joplinapp.org/){ .md-button .md-button--primary }
[:octicons-eye-16:](https://joplinapp.org/privacy/){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://joplinapp.org/help/){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/laurent22/joplin){ .card-link title="Source Code" }
[:octicons-heart-16:](https://joplinapp.org/donate/){ .card-link title=Contribute }
[:octicons-eye-16:](https://joplinapp.org/privacy/){ .card-link title="Política de privacidade" }
[:octicons-info-16:](https://joplinapp.org/help/){ .card-link title=Documentação}
[:octicons-code-16:](https://github.com/laurent22/joplin){ .card-link title="Código fonte" }
[:octicons-heart-16:](https://joplinapp.org/donate/){ .card-link title=Contribua }
??? downloads
@@ -34,21 +35,21 @@ If you are currently using an application like Evernote, Google Keep, or Microso
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/joplin-web-clipper/)
- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/joplin-web-clipper/alofnhikmmkdbbbgpnglcpdollgjjfek)
Joplin does not support password/PIN protection for the [application itself or individual notes and notebooks](https://github.com/laurent22/joplin/issues/289). However, your data is still encrypted in transit and at the sync location using your master key. Desde Janeiro de 2023, Joplin suporta bloqueio de aplicativo por biometria no [Android](https://joplinapp.org/changelog_android/#android-v2-10-3-https-github-com-laurent22-joplin-releases-tag-android-v2-10-3-pre-release-2023-01-05t11-29-06z) e [iOS](https://joplinapp.org/changelog_ios/#ios-v12-10-2-https-github-com-laurent22-joplin-releases-tag-ios-v12-10-2-2023-01-20t17-41-13z).
O Joplin não suporta proteção por senha/PIN para o [próprio aplicativo ou notas e blocos de anotações individuais](https://github.com/laurent22/joplin/issues/289). No entanto, seus dados ainda são criptografados em trânsito e no local de sincronização usando sua chave mestra. Desde janeiro de 2023, Joplin suporta bloqueio de aplicativo por biometria no [Android](https://joplinapp.org/changelog_android/#android-v2-10-3-https-github-com-laurent22-joplin-releases-tag-android-v2-10-3-pre-release-2023-01-05t11-29-06z) e [iOS](https://joplinapp.org/changelog_ios/#ios-v12-10-2-https-github-com-laurent22-joplin-releases-tag-ios-v12-10-2-2023-01-20t17-41-13z).
### Standard Notes
!!! recommendation
![Standard Notes logo](assets/img/notebooks/standard-notes.svg){ align=right }
![Logotipo do Standard Notes](assets/img/notebooks/standard-notes.svg){ align=right }
**Standard Notes** is a simple and private notes app that makes your notes easy and available everywhere you are. It features E2EE on every platform, and a powerful desktop experience with themes and custom editors. It has also been [independently audited (PDF)](https://s3.amazonaws.com/standard-notes/security/Report-SN-Audit.pdf).
**Standard Notes** é um aplicativo de notas simples e privado que torna suas notas fáceis e disponíveis em qualquer lugar que você esteja. Possui E2EE em todas as plataformas e uma poderosa experiência de desktop com temas e editores personalizados. Também foi [auditado independentemente (PDF)](https://s3.amazonaws.com/standard-notes/security/Report-SN-Audit.pdf).
[:octicons-home-16: Homepage](https://standardnotes.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://standardnotes.com/privacy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://standardnotes.com/help){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/standardnotes){ .card-link title="Source Code" }
[:octicons-heart-16:](https://standardnotes.com/donate){ .card-link title=Contribute }
[:octicons-eye-16:](https://standardnotes.com/privacy){ .card-link title="Política de privacidade" }
[:octicons-info-16:](https://standardnotes.com/help){ .card-link title=Documentação}
[:octicons-code-16:](https://github.com/standardnotes){ .card-link title="Código fonte" }
[:octicons-heart-16:](https://standardnotes.com/donate){ .card-link title=Contribua }
??? downloads
@@ -60,7 +61,7 @@ Joplin does not support password/PIN protection for the [application itself or i
- [:simple-linux: Linux](https://standardnotes.com)
- [:octicons-globe-16: Web](https://app.standardnotes.com/)
### Cryptee
### Criptee
!!! recommendation
@@ -111,5 +112,3 @@ Cryptee offers 100MB of storage for free, with paid options if you need more. Si
- Local backup/sync functionality should support encryption.
- Cloud-based platforms should support document sharing.
--8<-- "includes/abbreviations.pt-BR.txt"

50
i18n/pt-BR/os/android-overview.md
View File

@@ -1,11 +1,12 @@
---
title: Android Overview
title: Visão geral do Android
icon: simple/android
description: Android is an open-source operating system with strong security protections, which makes it our top choice for phones.
---
Android is a secure operating system that has strong [app sandboxing](https://source.android.com/security/app-sandbox), [Verified Boot](https://source.android.com/security/verifiedboot) (AVB), and a robust [permission](https://developer.android.com/guide/topics/permissions/overview) control system.
## Choosing an Android Distribution
## Escolhendo uma Distribuição Android
When you buy an Android phone, the device's default operating system often comes with invasive integration with apps and services that are not part of the [Android Open-Source Project](https://source.android.com/). An example of such is Google Play Services, which has irrevocable privileges to access your files, contacts storage, call logs, SMS messages, location, camera, microphone, hardware identifiers, and so on. These apps and services increase the attack surface of your device and are the source of various privacy concerns with Android.
@@ -15,7 +16,7 @@ Ideally, when choosing a custom Android distribution, you should make sure that
[Our Android System Recommendations :material-arrow-right-drop-circle:](../android.md ""){.md-button}
## Avoid Rooting
## Evite Roteamento
[Rooting](https://en.wikipedia.org/wiki/Rooting_(Android)) Android phones can decrease security significantly as it weakens the complete [Android security model](https://en.wikipedia.org/wiki/Android_(operating_system)#Security_and_privacy). This can decrease privacy should there be an exploit that is assisted by the decreased security. Common rooting methods involve directly tampering with the boot partition, making it impossible to perform successful Verified Boot. Apps that require root will also modify the system partition meaning that Verified Boot would have to remain disabled. Having root exposed directly in the user interface also increases the [attack surface](https://en.wikipedia.org/wiki/Attack_surface) of your device and may assist in [privilege escalation](https://en.wikipedia.org/wiki/Privilege_escalation) vulnerabilities and SELinux policy bypasses.
@@ -37,7 +38,7 @@ Unfortunately, OEMs are only obliged to support Verified Boot on their stock And
Many OEMs also have broken implementation of Verified Boot that you have to be aware of beyond their marketing. For example, the Fairphone 3 and 4 are not secure by default, as the [stock bootloader trusts the public AVB signing key](https://forum.fairphone.com/t/bootloader-avb-keys-used-in-roms-for-fairphone-3-4/83448/11). This breaks verified boot on a stock Fairphone device, as the system will boot alternative Android operating systems such (such as /e/) [without any warning](https://source.android.com/security/verifiedboot/boot-flow#locked-devices-with-custom-root-of-trust) about custom operating system usage.
## Firmware Updates
## Atualizações de Firmware
Firmware updates are critical for maintaining security and without them your device cannot be secure. OEMs have support agreements with their partners to provide the closed-source components for a limited support period. These are detailed in the monthly [Android Security Bulletins](https://source.android.com/security/bulletin).
@@ -53,9 +54,44 @@ It's important to not use an [end-of-life](https://endoflife.date/android) versi
## Android Permissions
[Permissions on Android](https://developer.android.com/guide/topics/permissions/overview) grant you control over what apps are allowed to access. Google regularly makes [improvements](https://developer.android.com/about/versions/11/privacy/permissions) on the permission system in each successive version. All apps you install are strictly [sandboxed](https://source.android.com/security/app-sandbox), therefore, there is no need to install any antivirus apps. A smartphone with the latest version of Android will always be more secure than an old smartphone with an antivirus that you have paid for. It's better not to pay for antivirus software and to save money to buy a new smartphone such as a Google Pixel.
[Permissions on Android](https://developer.android.com/guide/topics/permissions/overview) grant you control over what apps are allowed to access. Google regularly makes [improvements](https://developer.android.com/about/versions/11/privacy/permissions) on the permission system in each successive version. All apps you install are strictly [sandboxed](https://source.android.com/security/app-sandbox), therefore, there is no need to install any antivirus apps.
Should you want to run an app that you're unsure about, consider using a user or work profile.
A smartphone with the latest version of Android will always be more secure than an old smartphone with an antivirus that you have paid for. It's better not to pay for antivirus software and to save money to buy a new smartphone such as a Google Pixel.
Android 10:
- [Scoped Storage](https://developer.android.com/about/versions/10/privacy/changes#scoped-storage) gives you more control over your files and can limit what can [access external storage](https://developer.android.com/training/data-storage#permissions). Apps can have a specific directory in external storage as well as the ability to store specific types of media there.
- Tighter access on [device location](https://developer.android.com/about/versions/10/privacy/changes#app-access-device-location) by introducing the `ACCESS_BACKGROUND_LOCATION` permission. This prevents apps from accessing the location when running in the background without express permission from the user.
Android 11:
- [One-time permissions](https://developer.android.com/about/versions/11/privacy/permissions#one-time) which allows you to grant a permission to an app just once.
- [Auto-reset permissions](https://developer.android.com/about/versions/11/privacy/permissions#auto-reset), which resets [runtime permissions](https://developer.android.com/guide/topics/permissions/overview#runtime) that were granted when the app was opened.
- Granular permissions for accessing [phone number](https://developer.android.com/about/versions/11/privacy/permissions#phone-numbers) related features.
Android 12:
- A permission to grant only the [approximate location](https://developer.android.com/about/versions/12/behavior-changes-12#approximate-location).
- Auto-reset of [hibernated apps](https://developer.android.com/about/versions/12/behavior-changes-12#app-hibernation).
- [Data access auditing](https://developer.android.com/about/versions/12/behavior-changes-12#data-access-auditing) which makes it easier to determine what part of an app is performing a specific type of data access.
Android 13:
- A permission for [nearby wifi access](https://developer.android.com/about/versions/13/behavior-changes-13#nearby-wifi-devices-permission). The MAC addresses of nearby WiFi access points was a popular way for apps to track a user's location.
- More [granular media permissions](https://developer.android.com/about/versions/13/behavior-changes-13#granular-media-permissions), meaning you can grant access to images, videos or audio files only.
- Background use of sensors now requires the [`BODY_SENSORS`](https://developer.android.com/about/versions/13/behavior-changes-13#body-sensors-background-permission) permission.
An app may request a permission for a specific feature it has. For example, any app that can scan QR codes will require the camera permission. Some apps can request more permissions than they need.
[Exodus](https://exodus-privacy.eu.org/) can be useful when comparing apps that have similar purposes. If an app requires a lot of permissions and has a lot of advertising and analytics this is probably a bad sign. We recommend looking at the individual trackers and reading their descriptions rather than simply **counting the total** and assuming all items listed are equal.
!!! warning
If an app is mostly a web-based service, the tracking may occur on the server side. [Facebook](https://reports.exodus-privacy.eu.org/en/reports/com.facebook.katana/latest/) shows "no trackers" but certainly does track users' interests and behavior across the site. Apps may evade detection by not using standard code libraries produced by the advertising industry, though this is unlikely.
!!! note
Privacy-friendly apps such as [Bitwarden](https://reports.exodus-privacy.eu.org/en/reports/com.x8bit.bitwarden/latest/) may show some trackers such as [Google Firebase Analytics](https://reports.exodus-privacy.eu.org/en/trackers/49/). This library includes [Firebase Cloud Messaging](https://en.wikipedia.org/wiki/Firebase_Cloud_Messaging) which can provide [push notifications](https://en.wikipedia.org/wiki/Push_technology) in apps. This [is the case](https://fosstodon.org/@bitwarden/109636825700482007) with Bitwarden. That doesn't mean that Bitwarden is using all of the analytics features that are provided by Google Firebase Analytics.
## Media Access
@@ -131,5 +167,3 @@ You will either be given the option to delete your advertising ID or to *Opt out
[SafetyNet](https://developer.android.com/training/safetynet/attestation) and the [Play Integrity APIs](https://developer.android.com/google/play/integrity) are generally used for [banking apps](https://grapheneos.org/usage#banking-apps). Many banking apps will work fine in GrapheneOS with sandboxed Play services, however some non-financial apps have their own crude anti-tampering mechanisms which might fail. GrapheneOS passes the `basicIntegrity` check, but not the certification check `ctsProfileMatch`. Devices with Android 8 or later have hardware attestation support which cannot be bypassed without leaked keys or serious vulnerabilities.
As for Google Wallet, we don't recommend this due to their [privacy policy](https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=en), which states you must opt-out if you don't want your credit rating and personal information shared with affiliate marketing services.
--8<-- "includes/abbreviations.pt-BR.txt"

5
i18n/pt-BR/os/linux-overview.md
View File

@@ -1,9 +1,10 @@
---
title: Linux Overview
icon: simple/linux
description: Linux is an open-source, privacy-focused desktop operating system alternative, but not all distribitions are created equal.
---
It is often believed that [open-source](https://en.wikipedia.org/wiki/Open-source_software) software is inherently secure because the source code is available. There is an expectation that community verification occurs regularly; however, this isnt always [the case](https://seirdy.one/posts/2022/02/02/floss-security/). It does depend on a number of factors, such as project activity, developer experience, level of rigour applied to [code reviews](https://en.wikipedia.org/wiki/Code_review), and how often attention is given to specific parts of the [codebase](https://en.wikipedia.org/wiki/Codebase) that may go untouched for years.
It is often believed that [open-source](https://en.wikipedia.org/wiki/Open-source_software) software is inherently secure because the source code is available. There is an expectation that community verification occurs regularly; however, this isnt always [the case](https://seirdy.one/posts/2022/02/02/floss-security/). It does depend on a number of factors, such as project activity, developer experience, level of rigor applied to [code reviews](https://en.wikipedia.org/wiki/Code_review), and how often attention is given to specific parts of the [codebase](https://en.wikipedia.org/wiki/Codebase) that may go untouched for years.
At the moment, desktop Linux does have some areas that could be better improved when compared to their proprietary counterparts, e.g.:
@@ -139,5 +140,3 @@ The Fedora Project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Co
This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) is currently off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems/) timer.
openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/os/qubes-overview.md
View File

@@ -1,6 +1,7 @@
---
title: "Qubes Overview"
icon: simple/qubesos
description: Qubes is an operating system built around isolating apps within virtual machines for heightened security.
---
[**Qubes OS**](../desktop.md#qubes-os) is an operating system which uses the [Xen](https://en.wikipedia.org/wiki/Xen) hypervisor to provide strong security for desktop computing through isolated virtual machines. Each VM is called a *Qube* and you can assign each Qube a level of trust based on its purpose. As Qubes OS provides security by using isolation, and only permitting actions on a per case basis, it is the opposite of [badness enumeration](https://www.ranum.com/security/computer_security/editorials/dumb/).
@@ -52,5 +53,3 @@ For additional information we encourage you to consult the extensive Qubes OS do
- J. Rutkowska: [*Software compartmentalization vs. physical separation*](https://invisiblethingslab.com/resources/2014/Software_compartmentalization_vs_physical_separation.pdf)
- J. Rutkowska: [*Partitioning my digital life into security domains*](https://blog.invisiblethings.org/2011/03/13/partitioning-my-digital-life-into.html)
- Qubes OS: [*Artigos Relacionados*](https://www.qubes-os.org/news/categories/#articles)
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/passwords.md
View File

@@ -1,6 +1,7 @@
---
title: "Password Managers"
icon: material/form-textbox-password
description: Password managers allow you to securely store and manage passwords and other credentials.
---
Password managers allow you to securely store and manage passwords and other credentials with the use of a master password.
@@ -226,5 +227,3 @@ These products are minimal password managers that can be used within scripting a
We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
- Must be cross-platform.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/productivity.md
View File

@@ -1,6 +1,7 @@
---
title: "Productivity Tools"
icon: material/file-sign
description: Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do.
---
Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The privacy policy may legally protect your rights, but it does not provide technical access constraints.
@@ -153,5 +154,3 @@ In general, we define office suites as applications which could reasonably act a
[:octicons-server-16:](https://privatebin.info/directory/){ .card-link title="Public Instances"}
[:octicons-info-16:](https://github.com/PrivateBin/PrivateBin/wiki/FAQ){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/PrivateBin/PrivateBin){ .card-link title="Source Code" }
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/real-time-communication.md
View File

@@ -1,6 +1,7 @@
---
title: "Real-Time Communication"
icon: material/chat-processing
description: Other instant messengers make all of your private conversations available to the company that runs them.
---
These are our recommendations for encrypted real-time communication.
@@ -191,5 +192,3 @@ Our best-case criteria represents what we would like to see from the perfect pro
- Should be decentralized, i.e. federated or P2P.
- Should use E2EE for all messages by default.
- Should support Linux, macOS, Windows, Android, and iOS.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/router.md
View File

@@ -1,6 +1,7 @@
---
title: "Firmware para Roteadores"
icon: material/router-wireless
description: These alternative operating systems can be used to secure your router or Wi-Fi access point.
---
Abaixo estão alguns sistemas operacionais alternativos, que podem ser usados em roteadores, pontos de acesso Wi-Fi, etc.
@@ -47,5 +48,3 @@ OPNsense foi originalmente desenvolvido como um fork do [pfSense](https://en.wik
- Deve ser de código aberto.
- Deve receber atualizações regulares.
- Must support a wide variety of hardware.
--8<-- "includes/abbreviations.pt-BR.txt"

13
i18n/pt-BR/search-engines.md
View File

@@ -1,6 +1,7 @@
---
title: "Search Engines"
title: "Motores de busca"
icon: material/search-web
description: These privacy-respecting search engines don't build an advertising profile based on your searches.
---
Use a search engine that doesn't build an advertising profile based on your searches.
@@ -13,9 +14,9 @@ Consider using a [VPN](vpn.md) or [Tor](https://www.torproject.org/) if your thr
!!! recommendation
![Brave Search logo](assets/img/search-engines/brave-search.svg){ align=right }
[brave Search logo](assets/img/search-engines/brave-search.svg){ align=right }
**Brave Search** is developed by Brave and serves results primarily from its own, independent index. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives.
**Brave Search*** é desenvolvido pela Brave e serve resultados principalmente a partir do seu próprio índice independente. The index is optimized against Google Search and therefore may provide more contextually accurate results compared to other alternatives.
Brave Search includes unique features such as Discussions, which highlights conversation-focused results—such as forum posts.
@@ -65,7 +66,7 @@ When self-hosting, it is important that you have other people using your instanc
When you are using a SearXNG instance, be sure to go read their privacy policy. Since SearXNG instances may be modified by their owners, they do not necessarily reflect their privacy policy. Some instances run as a Tor hidden service, which may grant some privacy as long as your search queries does not contain PII.
## Startpage
## Página inicial
!!! recommendation
@@ -94,7 +95,7 @@ Startpage's majority shareholder is System1 who is an adtech company. We don't b
We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
### Minimum Requirements
### Requisitos Mínimos
- Must not collect personally identifiable information per their privacy policy.
- Must not allow users to create an account with them.
@@ -105,5 +106,3 @@ Our best-case criteria represents what we would like to see from the perfect pro
- Should be based on open-source software.
- Should not block Tor exit node IP addresses.
--8<-- "includes/abbreviations.pt-BR.txt"

46
i18n/pt-BR/tools.md
View File

@@ -3,6 +3,7 @@ title: "Privacy Tools"
icon: material/tools
hide:
- toc
description: Privacy Guides is the most transparent and reliable website for finding software, apps, and services that protect your personal data from mass surveillance programs and other internet threats.
---
If you're looking for a specific solution to something, these are the hardware and software tools we recommend in a variety of categories. Our recommended privacy tools are primarily chosen based on security features, with additional emphasis on decentralized and open-source tools. They are applicable to a variety of threat models ranging from protection against global mass surveillance programs and avoiding big tech companies to mitigating attacks, but only you can determine what will work best for your needs.
@@ -84,7 +85,7 @@ For more details about each project, why they were chosen, and additional tips o
<div class="grid cards" markdown>
- ![Aurora Store logo](/assets/img/android/aurora-store.webp){ .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- ![Aurora Store logo](assets/img/android/aurora-store.webp){ .twemoji } [Aurora Store (Google Play Client)](android.md#aurora-store)
- ![Shelter logo](assets/img/android/mini/shelter.svg){ .twemoji } [Shelter (Work Profiles)](android.md#shelter)
- ![Auditor logo](assets/img/android/auditor.svg#only-light){ .twemoji }![GrapheneOS logo](assets/img/android/auditor-dark.svg#only-dark){ .twemoji } [Auditor (Supported Devices)](android.md#auditor)
- ![Secure Camera logo](assets/img/android/secure_camera.svg#only-light){ .twemoji }![Secure Camera logo](assets/img/android/secure_camera-dark.svg#only-dark){ .twemoji } [Secure Camera](android.md#secure-camera)
@@ -199,6 +200,29 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](email.md#self-hosting-email)
### Serviços Financeiros
#### Serviços de Mascaramento de Pagamento
<div class="grid cards" markdown>
- ![Privacy.com logo](assets/img/financial-services/privacy_com.svg#only-light){ .twemoji }![Privacy.com logo](assets/img/financial-services/privacy_com-dark.svg#only-dark){ .twemoji } [Privacy.com](financial-services.md#privacycom-us-free)
- ![MySudo logo](assets/img/financial-services/mysudo.svg#only-light){ .twemoji }![MySudo logo](assets/img/financial-services/mysudo-dark.svg#only-dark){ .twemoji } [MySudo](financial-services.md#mysudo-us-paid)
</div>
[Learn more :material-arrow-right-drop-circle:](financial-services.md#payment-masking-services)
#### Mercados de Cartões-Presente Online
<div class="grid cards" markdown>
- ![Cake Pay logo](assets/img/financial-services/cakepay.svg){ .twemoji } [Cake Pay](financial-services.md#cake-pay)
- ![CoinCards logo](assets/img/financial-services/coincards.svg){ .twemoji } [CoinCards](financial-services.md#coincards)
</div>
[Learn more :material-arrow-right-drop-circle:](financial-services.md#gift-card-marketplaces)
### Search Engines
<div class="grid cards" markdown>
@@ -226,9 +250,9 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
<div class="grid cards" markdown>
- ![Proton VPN logo](assets/img/vpn/protonvpn.svg){ .twemoji } [Proton VPN](vpn.md#proton-vpn)
- ![IVPN logo](assets/img/vpn/mini/ivpn.svg){ .twemoji } [IVPN](vpn.md#ivpn)
- ![Mullvad logo](assets/img/vpn/mullvad.svg){ .twemoji } [Mullvad](vpn.md#mullvad)
- ![Proton VPN logo](assets/img/vpn/protonvpn.svg){ .twemoji } [Proton VPN](vpn.md#proton-vpn)
</div>
@@ -247,6 +271,16 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
[Learn more :material-arrow-right-drop-circle:](calendar.md)
### Criptomoedas
<div class="grid cards" markdown>
- ![Monero logo](assets/img/cryptocurrency/monero.svg){ .twemoji }[Monero](cryptocurrency.md#monero)
</div>
[Learn more :material-arrow-right-drop-circle:](cryptocurrency.md)
### Data and Metadata Redaction
<div class="grid cards" markdown>
@@ -414,7 +448,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
</div>
[Learn more :material-arrow-right-drop-circle:](productivity.md)
[Saiba mais :material-arrow-right-drop-circle:](productivity.md)
### Real-Time Communication
@@ -428,7 +462,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
</div>
[Learn more :material-arrow-right-drop-circle:](real-time-communication.md)
[Saiba mais :material-arrow-right-drop-circle:](real-time-communication.md)
### Video Streaming Clients
@@ -438,6 +472,4 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
</div>
[Learn more :material-arrow-right-drop-circle:](video-streaming.md)
--8<-- "includes/abbreviations.pt-BR.txt"
[Saiba mais :material-arrow-right-drop-circle:](video-streaming.md)

11
i18n/pt-BR/tor.md
View File

@@ -1,6 +1,7 @@
---
title: "Tor Network"
icon: simple/torproject
description: Protect your internet browsing from prying eyes by using the Tor network, a secure network which circumvents censorship.
---
![Tor logo](assets/img/self-contained-networks/tor.svg){ align=right }
@@ -15,13 +16,7 @@ The **Tor** network is a group of volunteer-operated servers that allows you to
Tor works by routing your internet traffic through those volunteer-operated servers, instead of making a direct connection to the site you're trying to visit. This obfuscates where the traffic is coming from, and no server in the connection path is able to see the full path of where the traffic is coming from and going to, meaning even the servers you are using to connect cannot break your anonymity.
<figure markdown>
![Tor path](assets/img/how-tor-works/tor-path.svg#only-light)
![Tor path](assets/img/how-tor-works/tor-path-dark.svg#only-dark)
<figcaption>Tor circuit pathway - Nodes in the path can only see the servers they are directly connected to, for example the "Entry" node shown can see your IP address, and the address of the "Middle" node, but has no way to see which website you are visiting.</figcaption>
</figure>
- [More information about how Tor works :material-arrow-right-drop-circle:](advanced/tor-overview.md)
[Detalhes do Tor :material-arrow-right-drop-circle:](advanced/tor-overview.md ""){.md-button}
## Connecting to Tor
@@ -127,5 +122,3 @@ For resistance against traffic analysis attacks, consider enabling *Isolate Dest
Snowflake does not increase your privacy in any way, nor is it used to connect to the Tor network within your personal browser. However, if your internet connection is uncensored, you should consider running it to help people in censored networks achieve better privacy themselves. There is no need to worry about which websites people are accessing through your proxy—their visible browsing IP address will match their Tor exit node, not yours.
Running a Snowflake proxy is low-risk, even moreso than running a Tor relay or bridge which are already not particularly risky endeavours. However, it does still proxy traffic through your network which can be impactful in some ways, especially if your network is bandwidth-limited. Make sure you understand [how Snowflake works](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/home) before deciding whether to run a proxy.
--8<-- "includes/abbreviations.pt-BR.txt"

3
i18n/pt-BR/video-streaming.md
View File

@@ -1,6 +1,7 @@
---
title: "Video Streaming"
icon: material/video-wireless
description: These networks allow you to stream internet content without building an advertising profile based on your interests.
---
The primary threat when using a video streaming platform is that your streaming habits and subscription lists could be used to profile you. You should combine these tools with a [VPN](vpn.md) or [Tor](https://www.torproject.org/) to make it harder to profile your usage.
@@ -48,5 +49,3 @@ You can disable *Save hosting data to help the LBRY network* option in :gear: **
- Must not require a centralized account to view videos.
- Decentralized authentication, such as via a mobile wallet's private key is acceptable.
--8<-- "includes/abbreviations.pt-BR.txt"

254
i18n/pt-BR/vpn.md
View File

@@ -1,11 +1,20 @@
---
title: "Serviços VPN"
title: "VPN Services"
icon: material/vpn
description: These are the best VPN services for protecting your privacy and security online. Find a provider here that isnt out to spy on you.
---
Encontre um operador de VPN sem rastreamento que não esteja fora para vender ou ler seu tráfego online.
Se você está procurando mais **privacidade** do seu ISP, em uma rede Wi-Fi pública, ou ao fazer torrent de arquivos, uma VPN pode ser a solução para você, desde que entenda os riscos envolvidos. We think these providers are a cut above the rest:
??? perigo "VPNs não fornecem anonimidade"
<div class="grid cards" markdown>
- ![IVPN logo](assets/img/vpn/mini/ivpn.svg){ .twemoji } [IVPN](#ivpn)
- ![Mullvad logo](assets/img/vpn/mullvad.svg){ .twemoji } [Mullvad](#mullvad)
- ![Proton VPN logo](assets/img/vpn/protonvpn.svg){ .twemoji } [Proton VPN](#proton-vpn)
</div>
!!! perigo "VPNs não fornecem anonimidade"
Using a VPN will **not** keep your browsing habits anonymous, nor will it add additional security to non-secure (HTTP) traffic.
@@ -15,80 +24,11 @@ Encontre um operador de VPN sem rastreamento que não esteja fora para vender ou
[Baixar Tor Browser](https://www.torproject.org/){ .md-button .md-button--primary } [Mitos sobre o Tor Browser & FAQ](advanced/tor-overview.md){ .md-button }
??? pergunta "Quando VPNs são úteis?"
Se estiver à procura de **privacidade** adicional do seu ISP, numa rede Wi-Fi pública, ou enquanto faça torrent de arquivos, uma VPN pode ser a solução, desde que entenda os riscos envolvidos.
[Mais Informações](basics/vpn-overview.md){ .md-button }
[Detalhes sobre VPNs :material-arrow-right-drop-circle:](basics/vpn-overview.md ""){.md-button}
## Provedores Recomendados
!!! resumo "Critérios"
Nossos fornecedores recomendados usam encriptação, aceitam Monero, suportam WireGuard e OpenVPN, e têm uma política de não-rastreamento. Leia nossa [lista completa de critérios](#our-criteria) para mais informações.
### Proton VPN
!!! anotar recomendação
![Logomarca ProtonVPN](assets/img/vpn/protonvpn.svg){ align=right }
**Proton VPN** é um forte concorrente no espaço VPN, e estão em funcionamento desde 2016. Proton AG está sediada na Suíça e oferece um plano gratuito limitado, bem como uma opção paga com mais recursos.
[:octicons-home-16: Página Inicial](https://protonvpn.com/){ .md-button .md-button--primary }
[:octicons-eye-16:](https://protonvpn.com/privacy-policy){ .card-link title="Política de Privacidade" }
[:octicons-info-16:](https://protonvpn.com/support/){ .card-link title=Documentação}
[:octicons-code-16:](https://github.com/ProtonVPN){ .card-link title="Código Fonte" }
??? downloads
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=ch.protonvpn.android)
- [:simple-appstore: App Store](https://apps.apple.com/app/apple-store/id1437005085)
- [:simple-github: GitHub](https://github.com/ProtonVPN/android-app/releases)
- [:simple-windows11: Windows](https://protonvpn.com/download-windows)
- [:simple-linux: Linux](https://protonvpn.com/support/linux-vpn-setup/)
??? verificar anotação "64 Países"
ProtonVPN tem [servidores em 64 países](https://protonvpn.com/vpn-servers) (1). Escolher um fornecedor de VPN com um servidor mais próximo de você irá reduzir a latência do tráfego de rede que você enviar. Isto deve-se a um caminho mais curto (menos pulos) até ao destino.
We also think it's better for the security of the VPN provider's private keys if they use [dedicated servers](https://en.wikipedia.org/wiki/Dedicated_hosting_service), instead of cheaper shared solutions (with other customers) such as [virtual private servers](https://en.wikipedia.org/wiki/Virtual_private_server).
1. Última verificação: 16-09-2022
??? verificar "Auditado Independentemente"
Em Janeiro de 2020, ProtonVPN foi submetida a uma auditoria independente pela SEC Consult. SEC Consult found some medium and low risk vulnerabilities in Proton VPN's Windows, Android, and iOS applications, all of which were "properly fixed" by Proton VPN before the reports were published. None of the issues identified would have provided an attacker remote access to your device or traffic. You can view individual reports for each platform at [protonvpn.com](https://protonvpn.com/blog/open-source/). In April 2022 Proton VPN underwent [another audit](https://protonvpn.com/blog/no-logs-audit/) and the report was [produced by Securitum](https://protonvpn.com/blog/wp-content/uploads/2022/04/securitum-protonvpn-nologs-20220330.pdf). A [letter of attestation](https://proton.me/blog/security-audit-all-proton-apps) was provided for Proton VPN's apps on 9th November 2021 by [Securitum](https://research.securitum.com).
??? verificar "Clientes Código-Aberto"
Proton VPN fornece o código fonte para os seus clientes desktop e móveis na sua [organização GitHub](https://github.com/ProtonVPN).
??? verificar "Aceita Dinheiro"
ProtonVPN, além de aceitar cartões de crédito/débito e PayPal, aceita Bitcoin, e **dinheiro/moeda local** como formas de pagamento anônimas.
??? verificar "Suporta WireGuard"
Proton VPN suporta principalmente o protocolo WireGuard®. [WireGuard](https://www.wireguard.com) is a newer protocol that uses state-of-the-art [cryptography](https://www.wireguard.com/protocol/). Additionally, WireGuard aims to be simpler and more performant.
Proton VPN [recommends](https://protonvpn.com/blog/wireguard/) the use of WireGuard with their service. On Proton VPN's Windows, macOS, iOS, Android, ChromeOS, and Android TV apps, WireGuard is the default protocol; however, [support](https://protonvpn.com/support/how-to-change-vpn-protocols/) for the protocol is not present in their Linux app.
??? warning "Remote Port Forwarding"
Proton VPN currently only supports remote [port forwarding](https://protonvpn.com/support/port-forwarding/) on Windows, which may impact some applications. Especially Peer-to-peer applications like Torrent clients.
??? success "Mobile Clients"
In addition to providing standard OpenVPN configuration files, Proton VPN has mobile clients for [App Store](https://apps.apple.com/us/app/protonvpn-fast-secure-vpn/id1437005085), [Google Play](https://play.google.com/store/apps/details?id=ch.protonvpn.android&hl=en_US), and [GitHub](https://github.com/ProtonVPN/android-app/releases) allowing for easy connections to their servers.
??? info "Additional Functionality"
Proton VPN clients support two factor authentication on all platforms except Linux at the moment. Proton VPN has their own servers and datacenters in Switzerland, Iceland and Sweden. They offer adblocking and known malware domains blocking with their DNS service. Additionally, Proton VPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using [the official Tor Browser](https://www.torproject.org/) for this purpose.
!!! danger "Killswitch feature is broken on Intel-based Macs"
System crashes [may occur](https://protonvpn.com/support/macos-t2-chip-kill-switch/) on Intel-based Macs when using the VPN killswitch. If you require this feature, and you are using a Mac with Intel chipset, you should consider using another VPN service.
Nossos fornecedores recomendados usam encriptação, aceitam Monero, suportam WireGuard e OpenVPN, e têm uma política de não-rastreamento. Read our [full list of criteria](#criteria) for more information.
### IVPN
@@ -111,43 +51,44 @@ Encontre um operador de VPN sem rastreamento que não esteja fora para vender ou
- [:simple-apple: macOS](https://www.ivpn.net/apps-macos/)
- [:simple-linux: Linux](https://www.ivpn.net/apps-linux/)
??? success annotate "35 Countries"
#### :material-check:{ .pg-green } 35 Countries
IVPN has [servers in 35 countries](https://www.ivpn.net/server-locations) (1). Escolher um fornecedor de VPN com um servidor mais próximo de você irá reduzir a latência do tráfego de rede que você enviar. Isto deve-se a um caminho mais curto (menos pulos) até ao destino.
We also think it's better for the security of the VPN provider's private keys if they use [dedicated servers](https://en.wikipedia.org/wiki/Dedicated_hosting_service), instead of cheaper shared solutions (with other customers) such as [virtual private servers](https://en.wikipedia.org/wiki/Virtual_private_server).
IVPN has [servers in 35 countries](https://www.ivpn.net/server-locations).(1) Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. Isto deve-se a um caminho mais curto (menos pulos) até ao destino.
{ .annotate }
1. Última verificação: 16-09-2022
??? verificar "Auditado Independentemente"
We also think it's better for the security of the VPN provider's private keys if they use [dedicated servers](https://en.wikipedia.org/wiki/Dedicated_hosting_service), instead of cheaper shared solutions (with other customers) such as [virtual private servers](https://en.wikipedia.org/wiki/Virtual_private_server).
IVPN has undergone a [no-logging audit from Cure53](https://cure53.de/audit-report_ivpn.pdf) which concluded in agreement with IVPN's no-logging claim. IVPN has also completed a [comprehensive pentest report Cure53](https://cure53.de/summary-report_ivpn_2019.pdf) in January 2020. IVPN has also said they plan to have [annual reports](https://www.ivpn.net/blog/independent-security-audit-concluded) in the future. A further review was conducted [in April 2022](https://www.ivpn.net/blog/ivpn-apps-security-audit-2022-concluded/) and was produced by Cure53 [on their website](https://cure53.de/pentest-report_IVPN_2022.pdf).
#### :material-check:{ .pg-green } Independently Audited
??? verificar "Clientes Código-Aberto"
IVPN has undergone a [no-logging audit from Cure53](https://cure53.de/audit-report_ivpn.pdf) which concluded in agreement with IVPN's no-logging claim. IVPN has also completed a [comprehensive pentest report Cure53](https://cure53.de/summary-report_ivpn_2019.pdf) in January 2020. IVPN has also said they plan to have [annual reports](https://www.ivpn.net/blog/independent-security-audit-concluded) in the future. A further review was conducted [in April 2022](https://www.ivpn.net/blog/ivpn-apps-security-audit-2022-concluded/) and was produced by Cure53 [on their website](https://cure53.de/pentest-report_IVPN_2022.pdf).
As of February 2020 [IVPN applications are now open-source](https://www.ivpn.net/blog/ivpn-applications-are-now-open-source). Source code can be obtained from their [GitHub organization](https://github.com/ivpn).
#### :material-check:{ .pg-green } Open-Source Clients
??? success "Accepts Cash and Monero"
As of February 2020 [IVPN applications are now open-source](https://www.ivpn.net/blog/ivpn-applications-are-now-open-source). Source code can be obtained from their [GitHub organization](https://github.com/ivpn).
In addition to accepting credit/debit cards and PayPal, IVPN accepts Bitcoin, **Monero** and **cash/local currency** (on annual plans) as anonymous forms of payment.
#### :material-check:{ .pg-green } Accepts Cash and Monero
??? verificar "Suporta WireGuard"
In addition to accepting credit/debit cards and PayPal, IVPN accepts Bitcoin, **Monero** and **cash/local currency** (on annual plans) as anonymous forms of payment.
IVPN supports the WireGuard® protocol. [WireGuard](https://www.wireguard.com) is a newer protocol that uses state-of-the-art [cryptography](https://www.wireguard.com/protocol/). Additionally, WireGuard aims to be simpler and more performant.
IVPN [recommends](https://www.ivpn.net/wireguard/) the use of WireGuard with their service and, as such, the protocol is the default on all of IVPN's apps. IVPN also offers a WireGuard configuration generator for use with the official WireGuard [apps](https://www.wireguard.com/install/).
#### :material-check:{ .pg-green } WireGuard Support
??? success "Remote Port Forwarding"
IVPN supports the WireGuard® protocol. [WireGuard](https://www.wireguard.com) is a newer protocol that uses state-of-the-art [cryptography](https://www.wireguard.com/protocol/). Additionally, WireGuard aims to be simpler and more performant.
Remote [port forwarding](https://en.wikipedia.org/wiki/Port_forwarding) is possible with a Pro plan. Port forwarding [can be activated](https://www.ivpn.net/knowledgebase/81/How-do-I-activate-port-forwarding.html) via the client area. Port forwarding is only available on IVPN when using WireGuard or OpenVPN protocols and is [disabled on US servers](https://www.ivpn.net/knowledgebase/116/Port-forwarding-is-not-working-why.html).
IVPN [recommends](https://www.ivpn.net/wireguard/) the use of WireGuard with their service and, as such, the protocol is the default on all of IVPN's apps. IVPN also offers a WireGuard configuration generator for use with the official WireGuard [apps](https://www.wireguard.com/install/).
??? success "Mobile Clients"
#### :material-check:{ .pg-green } Remote Port Forwarding
In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for [App Store](https://apps.apple.com/us/app/ivpn-serious-privacy-protection/id1193122683), [Google Play](https://play.google.com/store/apps/details?id=net.ivpn.client), and [GitHub](https://github.com/ivpn/android-app/releases) allowing for easy connections to their servers.
Remote [port forwarding](https://en.wikipedia.org/wiki/Port_forwarding) is possible with a Pro plan. Port forwarding [can be activated](https://www.ivpn.net/knowledgebase/81/How-do-I-activate-port-forwarding.html) via the client area. Port forwarding is only available on IVPN when using WireGuard or OpenVPN protocols and is [disabled on US servers](https://www.ivpn.net/knowledgebase/116/Port-forwarding-is-not-working-why.html).
??? info "Additional Functionality"
#### :material-check:{ .pg-green } Mobile Clients
IVPN clients support two factor authentication (Mullvad's clients do not). IVPN also provides "[AntiTracker](https://www.ivpn.net/antitracker)" functionality, which blocks advertising networks and trackers from the network level.
In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for [App Store](https://apps.apple.com/us/app/ivpn-serious-privacy-protection/id1193122683), [Google Play](https://play.google.com/store/apps/details?id=net.ivpn.client), and [GitHub](https://github.com/ivpn/android-app/releases) allowing for easy connections to their servers.
#### :material-information-outline:{ .pg-blue } Additional Functionality
IVPN clients support two factor authentication (Mullvad's clients do not). IVPN also provides "[AntiTracker](https://www.ivpn.net/antitracker)" functionality, which blocks advertising networks and trackers from the network level.
### Mullvad
@@ -172,55 +113,120 @@ Encontre um operador de VPN sem rastreamento que não esteja fora para vender ou
- [:simple-apple: macOS](https://mullvad.net/en/download/macos/)
- [:simple-linux: Linux](https://mullvad.net/en/download/linux/)
??? verificar anotação "39 Países"
#### :material-check:{ .pg-green } 41 Countries
Mullvad has [servers in 41 countries](https://mullvad.net/servers/) (1). Escolher um fornecedor de VPN com um servidor mais próximo de você irá reduzir a latência do tráfego de rede que você enviar. Isto deve-se a um caminho mais curto (menos pulos) até ao destino.
We also think it's better for the security of the VPN provider's private keys if they use [dedicated servers](https://en.wikipedia.org/wiki/Dedicated_hosting_service), instead of cheaper shared solutions (with other customers) such as [virtual private servers](https://en.wikipedia.org/wiki/Virtual_private_server).
Mullvad has [servers in 41 countries](https://mullvad.net/servers/).(1) Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. Isto deve-se a um caminho mais curto (menos pulos) até ao destino.
{ .annotate }
1. Última verificação: 16-09-2022
??? verificar "Auditado Independentemente"
We also think it's better for the security of the VPN provider's private keys if they use [dedicated servers](https://en.wikipedia.org/wiki/Dedicated_hosting_service), instead of cheaper shared solutions (with other customers) such as [virtual private servers](https://en.wikipedia.org/wiki/Virtual_private_server).
Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report [published at cure53.de](https://cure53.de/pentest-report_mullvad_v2.pdf). The security researchers concluded:
#### :material-check:{ .pg-green } Independently Audited
Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report [published at cure53.de](https://cure53.de/pentest-report_mullvad_v2.pdf). The security researchers concluded:
> Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.
In 2020 a second audit [was announced](https://mullvad.net/blog/2020/6/25/results-available-audit-mullvad-app/) and the [final audit report](https://cure53.de/pentest-report_mullvad_2020_v2.pdf) was made available on Cure53's website:
> The results of this May-June 2020 project targeting the Mullvad complex are quite positive. [...] The overall application ecosystem used by Mullvad leaves a sound and structured impression. The overall structure of the application makes it easy to roll out patches and fixes in a structured manner. More than anything, the findings spotted by Cure53 showcase the importance of constantly auditing and re-assessing the current leak vectors, in order to always ensure privacy of the end-users. With that being said, Mullvad does a great job protecting the end-user from common PII leaks and privacy related risks.
In 2021 an infrastructure audit [was announced](https://mullvad.net/en/blog/2021/1/20/no-pii-or-privacy-leaks-found-cure53s-infrastructure-audit/) and the [final audit report](https://cure53.de/pentest-report_mullvad_2021_v1.pdf) was made available on Cure53's website. Another report was commissioned [in June 2022](https://mullvad.net/en/blog/2022/6/22/vpn-server-audit-found-no-information-leakage-or-logging-of-customer-data/) and is available on [Assured's website](https://www.assured.se/publications/Assured_Mullvad_relay_server_audit_report_2022.pdf).
#### :material-check:{ .pg-green } Open-Source Clients
Mullvad provides the source code for their desktop and mobile clients in their [GitHub organization](https://github.com/mullvad/mullvadvpn-app).
#### :material-check:{ .pg-green } Accepts Cash and Monero
Mullvad, in addition to accepting credit/debit cards and PayPal, accepts Bitcoin, Bitcoin Cash, **Monero** and **cash/local currency** as anonymous forms of payment. They also accept Swish and bank wire transfers.
#### :material-check:{ .pg-green } WireGuard Support
Mullvad suporta o protocolo WireGuard®. [WireGuard](https://www.wireguard.com) is a newer protocol that uses state-of-the-art [cryptography](https://www.wireguard.com/protocol/). Additionally, WireGuard aims to be simpler and more performant.
Mullvad [recommends](https://mullvad.net/en/help/why-wireguard/) the use of WireGuard with their service. It is the default or only protocol on Mullvad's Android, iOS, macOS, and Linux apps, but on Windows you have to [manually enable](https://mullvad.net/en/help/how-turn-wireguard-mullvad-app/) WireGuard. Mullvad also offers a WireGuard configuration generator for use with the official WireGuard [apps](https://www.wireguard.com/install/).
#### :material-check:{ .pg-green } IPv6 Support
Mullvad supports the future of networking [IPv6](https://en.wikipedia.org/wiki/IPv6). Their network allows you to [access services hosted on IPv6](https://mullvad.net/en/blog/2014/9/15/ipv6-support/) as opposed to other providers who block IPv6 connections.
#### :material-check:{ .pg-green } Remote Port Forwarding
Remote [port forwarding](https://en.wikipedia.org/wiki/Port_forwarding) is allowed for people who make one-time payments, but not allowed for accounts with a recurring/subscription-based payment method. This is to prevent Mullvad from being able to identify you based on your port usage and stored subscription information. See [Port forwarding with Mullvad VPN](https://mullvad.net/help/port-forwarding-and-mullvad/) for more information.
#### :material-check:{ .pg-green } Mobile Clients
Mullvad has published [App Store](https://apps.apple.com/app/mullvad-vpn/id1488466513) and [Google Play](https://play.google.com/store/apps/details?id=net.mullvad.mullvadvpn) clients, both supporting an easy-to-use interface as opposed to requiring you to manually configure your WireGuard connection. The Android client is also available on [GitHub](https://github.com/mullvad/mullvadvpn-app/releases).
#### :material-information-outline:{ .pg-blue } Additional Functionality
Mullvad is very transparent about which nodes they [own or rent](https://mullvad.net/en/servers/). They use [ShadowSocks](https://shadowsocks.org/) in their ShadowSocks + OpenVPN configuration, making them more resistant against firewalls with [Deep Packet Inspection](https://en.wikipedia.org/wiki/Deep_packet_inspection) trying to block VPNs. Supposedly, [China has to use a different method to block ShadowSocks servers](https://github.com/net4people/bbs/issues/22). Mullvad's website is also accessible via Tor at [o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion](http://o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion).
### Proton VPN
!!! anotar recomendação
![Logomarca ProtonVPN](assets/img/vpn/protonvpn.svg){ align=right }
> Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.
**Proton VPN** é um forte concorrente no espaço VPN, e estão em funcionamento desde 2016. Proton AG está sediada na Suíça e oferece um plano gratuito limitado, bem como uma opção paga com mais recursos.
In 2020 a second audit [was announced](https://mullvad.net/blog/2020/6/25/results-available-audit-mullvad-app/) and the [final audit report](https://cure53.de/pentest-report_mullvad_2020_v2.pdf) was made available on Cure53's website:
[:octicons-home-16: Página Inicial](https://protonvpn.com/){ .md-button .md-button--primary }
[:octicons-eye-16:](https://protonvpn.com/privacy-policy){ .card-link title="Política de Privacidade" }
[:octicons-info-16:](https://protonvpn.com/support/){ .card-link title=Documentação}
[:octicons-code-16:](https://github.com/ProtonVPN){ .card-link title="Código Fonte" }
> The results of this May-June 2020 project targeting the Mullvad complex are quite positive. [...] The overall application ecosystem used by Mullvad leaves a sound and structured impression. The overall structure of the application makes it easy to roll out patches and fixes in a structured manner. More than anything, the findings spotted by Cure53 showcase the importance of constantly auditing and re-assessing the current leak vectors, in order to always ensure privacy of the end-users. With that being said, Mullvad does a great job protecting the end-user from common PII leaks and privacy related risks.
??? downloads
In 2021 an infrastructure audit [was announced](https://mullvad.net/en/blog/2021/1/20/no-pii-or-privacy-leaks-found-cure53s-infrastructure-audit/) and the [final audit report](https://cure53.de/pentest-report_mullvad_2021_v1.pdf) was made available on Cure53's website. Another report was commissioned [in June 2022](https://mullvad.net/en/blog/2022/6/22/vpn-server-audit-found-no-information-leakage-or-logging-of-customer-data/) and is available on [Assured's website](https://www.assured.se/publications/Assured_Mullvad_relay_server_audit_report_2022.pdf).
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=ch.protonvpn.android)
- [:simple-appstore: App Store](https://apps.apple.com/app/apple-store/id1437005085)
- [:simple-github: GitHub](https://github.com/ProtonVPN/android-app/releases)
- [:simple-windows11: Windows](https://protonvpn.com/download-windows)
- [:simple-linux: Linux](https://protonvpn.com/support/linux-vpn-setup/)
??? verificar "Clientes Código-Aberto"
#### :material-check:{ .pg-green } 67 Countries
Mullvad provides the source code for their desktop and mobile clients in their [GitHub organization](https://github.com/mullvad/mullvadvpn-app).
Proton VPN has [servers in 67 countries](https://protonvpn.com/vpn-servers).(1) Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. Isto deve-se a um caminho mais curto (menos pulos) até ao destino.
{ .annotate }
??? success "Accepts Cash and Monero"
1. Última verificação: 16-09-2022
Mullvad, in addition to accepting credit/debit cards and PayPal, accepts Bitcoin, Bitcoin Cash, **Monero** and **cash/local currency** as anonymous forms of payment. They also accept Swish and bank wire transfers.
We also think it's better for the security of the VPN provider's private keys if they use [dedicated servers](https://en.wikipedia.org/wiki/Dedicated_hosting_service), instead of cheaper shared solutions (with other customers) such as [virtual private servers](https://en.wikipedia.org/wiki/Virtual_private_server).
??? verificar "Suporta WireGuard"
#### :material-check:{ .pg-green } Independently Audited
Mullvad suporta o protocolo WireGuard®. [WireGuard](https://www.wireguard.com) is a newer protocol that uses state-of-the-art [cryptography](https://www.wireguard.com/protocol/). Additionally, WireGuard aims to be simpler and more performant.
Mullvad [recommends](https://mullvad.net/en/help/why-wireguard/) the use of WireGuard with their service. It is the default or only protocol on Mullvad's Android, iOS, macOS, and Linux apps, but on Windows you have to [manually enable](https://mullvad.net/en/help/how-turn-wireguard-mullvad-app/) WireGuard. Mullvad also offers a WireGuard configuration generator for use with the official WireGuard [apps](https://www.wireguard.com/install/).
Em Janeiro de 2020, ProtonVPN foi submetida a uma auditoria independente pela SEC Consult. SEC Consult found some medium and low risk vulnerabilities in Proton VPN's Windows, Android, and iOS applications, all of which were "properly fixed" by Proton VPN before the reports were published. None of the issues identified would have provided an attacker remote access to your device or traffic. You can view individual reports for each platform at [protonvpn.com](https://protonvpn.com/blog/open-source/). In April 2022 Proton VPN underwent [another audit](https://protonvpn.com/blog/no-logs-audit/) and the report was [produced by Securitum](https://protonvpn.com/blog/wp-content/uploads/2022/04/securitum-protonvpn-nologs-20220330.pdf). A [letter of attestation](https://proton.me/blog/security-audit-all-proton-apps) was provided for Proton VPN's apps on 9th November 2021 by [Securitum](https://research.securitum.com).
??? verificar "Suporte à IPv6"
#### :material-check:{ .pg-green } Open-Source Clients
Mullvad supports the future of networking [IPv6](https://en.wikipedia.org/wiki/IPv6). Their network allows you to [access services hosted on IPv6](https://mullvad.net/en/blog/2014/9/15/ipv6-support/) as opposed to other providers who block IPv6 connections.
Proton VPN provides the source code for their desktop and mobile clients in their [GitHub organization](https://github.com/ProtonVPN).
??? success "Remote Port Forwarding"
#### :material-check:{ .pg-green } Accepts Cash
Remote [port forwarding](https://en.wikipedia.org/wiki/Port_forwarding) is allowed for people who make one-time payments, but not allowed for accounts with a recurring/subscription-based payment method. This is to prevent Mullvad from being able to identify you based on your port usage and stored subscription information. See [Port forwarding with Mullvad VPN](https://mullvad.net/help/port-forwarding-and-mullvad/) for more information.
Proton VPN, in addition to accepting credit/debit cards, PayPal, and [Bitcoin](advanced/payments.md#other-coins-bitcoin-ethereum-etc), also accepts **cash/local currency** as an anonymous form of payment.
??? success "Mobile Clients"
#### :material-check:{ .pg-green } WireGuard Support
Mullvad has published [App Store](https://apps.apple.com/app/mullvad-vpn/id1488466513) and [Google Play](https://play.google.com/store/apps/details?id=net.mullvad.mullvadvpn) clients, both supporting an easy-to-use interface as opposed to requiring you to manually configure your WireGuard connection. The Android client is also available on [GitHub](https://github.com/mullvad/mullvadvpn-app/releases).
Proton VPN suporta principalmente o protocolo WireGuard®. [WireGuard](https://www.wireguard.com) is a newer protocol that uses state-of-the-art [cryptography](https://www.wireguard.com/protocol/). Additionally, WireGuard aims to be simpler and more performant.
??? info "Additional Functionality"
Proton VPN [recommends](https://protonvpn.com/blog/wireguard/) the use of WireGuard with their service. On Proton VPN's Windows, macOS, iOS, Android, ChromeOS, and Android TV apps, WireGuard is the default protocol; however, [support](https://protonvpn.com/support/how-to-change-vpn-protocols/) for the protocol is not present in their Linux app.
Mullvad is very transparent about which nodes they [own or rent](https://mullvad.net/en/servers/). They use [ShadowSocks](https://shadowsocks.org/) in their ShadowSocks + OpenVPN configuration, making them more resistant against firewalls with [Deep Packet Inspection](https://en.wikipedia.org/wiki/Deep_packet_inspection) trying to block VPNs. Supposedly, [China has to use a different method to block ShadowSocks servers](https://github.com/net4people/bbs/issues/22). Mullvad's website is also accessible via Tor at [o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion](http://o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion).
#### :material-alert-outline:{ .pg-orange } Remote Port Forwarding
Proton VPN currently only supports remote [port forwarding](https://protonvpn.com/support/port-forwarding/) on Windows, which may impact some applications. Especially Peer-to-peer applications like Torrent clients.
#### :material-check:{ .pg-green } Mobile Clients
In addition to providing standard OpenVPN configuration files, Proton VPN has mobile clients for [App Store](https://apps.apple.com/us/app/protonvpn-fast-secure-vpn/id1437005085), [Google Play](https://play.google.com/store/apps/details?id=ch.protonvpn.android&hl=en_US), and [GitHub](https://github.com/ProtonVPN/android-app/releases) allowing for easy connections to their servers.
#### :material-information-outline:{ .pg-blue } Additional Functionality
Proton VPN clients support two factor authentication on all platforms except Linux at the moment. Proton VPN has their own servers and datacenters in Switzerland, Iceland and Sweden. They offer adblocking and known malware domains blocking with their DNS service. Additionally, Proton VPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using [the official Tor Browser](https://www.torproject.org/) for this purpose.
#### :material-alert-outline:{ .pg-orange } Killswitch feature is broken on Intel-based Macs
System crashes [may occur](https://protonvpn.com/support/macos-t2-chip-kill-switch/) on Intel-based Macs when using the VPN killswitch. If you require this feature, and you are using a Mac with Intel chipset, you should consider using another VPN service.
## Criteria
@@ -256,13 +262,13 @@ We prefer our recommended providers to collect as little data as possible. Not c
**Minimum to Qualify:**
- Monero or cash payment option.
- [Criptomoeda anônima](cryptocurrency.md) **ou** opção de pagamento em dinheiro.
- No personal information required to register: Only username, password, and email at most.
**Best Case:**
- Accepts Monero, cash, and other forms of anonymous payment options (gift cards, etc.)
- No personal information accepted (autogenerated username, no email required, etc.)
- Aceita múltiplas [opções de pagamento anônimas](advanced/payments.md).
- Nenhuma informação pessoal é aceita (nome de usuário gerado automaticamente, nenhum e-mail necessário, etc.).
### Security
@@ -320,5 +326,3 @@ Responsible marketing that is both educational and useful to the consumer could
### Additional Functionality
While not strictly requirements, there are some factors we looked into when determining which providers to recommend. These include adblocking/tracker-blocking functionality, warrant canaries, multihop connections, excellent customer support, the number of allowed simultaneous connections, etc.
--8<-- "includes/abbreviations.pt-BR.txt"