2020-08-27 00:13:53 -04:00
|
|
|
# SOME DESCRIPTIVE TITLE.
|
2020-09-03 14:52:02 -04:00
|
|
|
# Copyright (C) Micah Lee, et al.
|
2020-08-27 00:13:53 -04:00
|
|
|
# This file is distributed under the same license as the OnionShare package.
|
|
|
|
# FIRST AUTHOR <EMAIL@ADDRESS>, 2020.
|
|
|
|
#
|
|
|
|
#, fuzzy
|
|
|
|
msgid ""
|
|
|
|
msgstr ""
|
|
|
|
"Project-Id-Version: OnionShare 2.3\n"
|
|
|
|
"Report-Msgid-Bugs-To: \n"
|
2020-12-13 20:50:01 -03:00
|
|
|
"POT-Creation-Date: 2020-12-13 15:48-0800\n"
|
2020-08-27 00:13:53 -04:00
|
|
|
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
|
|
|
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
|
|
|
"Language-Team: LANGUAGE <LL@li.org>\n"
|
|
|
|
"MIME-Version: 1.0\n"
|
|
|
|
"Content-Type: text/plain; charset=utf-8\n"
|
|
|
|
"Content-Transfer-Encoding: 8bit\n"
|
2020-11-15 19:44:58 -03:00
|
|
|
"Generated-By: Babel 2.9.0\n"
|
2020-08-27 00:13:53 -04:00
|
|
|
|
|
|
|
#: ../../source/security.rst:2
|
2020-11-15 19:44:58 -03:00
|
|
|
msgid "Security Design"
|
2020-08-27 00:13:53 -04:00
|
|
|
msgstr ""
|
|
|
|
|
|
|
|
#: ../../source/security.rst:4
|
2020-11-15 19:44:58 -03:00
|
|
|
msgid "Read :ref:`how_it_works` first to get a handle on how OnionShare works."
|
2020-08-27 00:13:53 -04:00
|
|
|
msgstr ""
|
|
|
|
|
2020-08-27 20:30:42 -04:00
|
|
|
#: ../../source/security.rst:6
|
|
|
|
msgid "Like all software, OnionShare may contain bugs or vulnerabilities."
|
2020-08-27 00:13:53 -04:00
|
|
|
msgstr ""
|
|
|
|
|
|
|
|
#: ../../source/security.rst:9
|
2020-08-27 20:30:42 -04:00
|
|
|
msgid "What OnionShare protects against"
|
|
|
|
msgstr ""
|
|
|
|
|
|
|
|
#: ../../source/security.rst:11
|
2020-08-27 00:13:53 -04:00
|
|
|
msgid ""
|
2023-05-31 09:54:10 -04:00
|
|
|
"**Third parties don't have access to anything that happens in OnionShare.** "
|
|
|
|
"Using OnionShare means hosting services directly on your computer. When "
|
|
|
|
"sharing files with OnionShare, they are not uploaded to any server. If you "
|
|
|
|
"make an OnionShare chat room, your computer acts as a server for that too. "
|
|
|
|
"This avoids the traditional model of having to trust the computers of others."
|
2020-08-27 00:13:53 -04:00
|
|
|
msgstr ""
|
|
|
|
|
2023-10-01 07:00:39 -03:00
|
|
|
#: ../../source/security.rst:13 ../../source/security.rst:17
|
2020-08-27 00:13:53 -04:00
|
|
|
msgid ""
|
2023-05-31 09:54:10 -04:00
|
|
|
"**Network eavesdroppers can't spy on anything that happens in OnionShare in "
|
|
|
|
"transit.** The connection between the Tor onion service and Tor Browser is "
|
|
|
|
"end-to-end encrypted. This means network attackers can't eavesdrop on "
|
|
|
|
"anything except encrypted Tor traffic. Even if an eavesdropper is a "
|
|
|
|
"malicious rendezvous node used to connect the Tor Browser with OnionShare's "
|
|
|
|
"onion service, the traffic is encrypted using the onion service's private "
|
|
|
|
"key."
|
2020-08-27 00:13:53 -04:00
|
|
|
msgstr ""
|
|
|
|
|
2023-10-01 07:00:39 -03:00
|
|
|
#: ../../source/security.rst:15 ../../source/security.rst:23
|
2020-08-27 00:13:53 -04:00
|
|
|
msgid ""
|
2023-05-31 09:54:10 -04:00
|
|
|
"**Anonymity of OnionShare users are protected by Tor.** OnionShare and Tor "
|
|
|
|
"Browser protect the anonymity of the users. As long as the OnionShare user "
|
|
|
|
"anonymously communicates the OnionShare address with the Tor Browser users, "
|
|
|
|
"the Tor Browser users and eavesdroppers can't learn the identity of the "
|
|
|
|
"OnionShare user."
|
2020-08-27 00:13:53 -04:00
|
|
|
msgstr ""
|
|
|
|
|
2020-08-27 20:30:42 -04:00
|
|
|
#: ../../source/security.rst:17
|
2020-08-27 00:13:53 -04:00
|
|
|
msgid ""
|
2020-11-15 19:44:58 -03:00
|
|
|
"**If an attacker learns about the onion service, it still can't access "
|
|
|
|
"anything.** Prior attacks against the Tor network to enumerate onion "
|
2023-05-31 09:54:10 -04:00
|
|
|
"services allowed the attacker to discover private .onion addresses. If an "
|
|
|
|
"attack discovers a private OnionShare address, a password will be prevent "
|
|
|
|
"them from accessing it (unless the OnionShare user chooses to turn it off "
|
|
|
|
"and make it public). The password is generated by choosing two random words "
|
|
|
|
"from a list of 6800 words, making 6800², or about 46 million possible "
|
|
|
|
"passwords. Only 20 wrong guesses can be made before OnionShare stops the "
|
|
|
|
"server, preventing brute force attacks against the password."
|
2020-08-27 00:13:53 -04:00
|
|
|
msgstr ""
|
|
|
|
|
2023-10-01 07:00:39 -03:00
|
|
|
#: ../../source/security.rst:20 ../../source/security.rst:33
|
2020-08-27 00:13:53 -04:00
|
|
|
msgid "What OnionShare doesn't protect against"
|
|
|
|
msgstr ""
|
|
|
|
|
2020-08-27 20:30:42 -04:00
|
|
|
#: ../../source/security.rst:22
|
2020-08-27 00:13:53 -04:00
|
|
|
msgid ""
|
2023-05-31 09:54:10 -04:00
|
|
|
"**Communicating the OnionShare address might not be secure.** Communicating "
|
|
|
|
"the OnionShare address to people is the responsibility of the OnionShare "
|
|
|
|
"user. If sent insecurely (such as through an email message monitored by an "
|
|
|
|
"attacker), an eavesdropper can tell that OnionShare is being used. If the "
|
|
|
|
"eavesdropper loads the address in Tor Browser while the service is still up, "
|
|
|
|
"they can access it. To avoid this, the address must be communicateed "
|
|
|
|
"securely, via encrypted text message (probably with disappearing messages "
|
|
|
|
"enabled), encrypted email, or in person. This isn't necessary when using "
|
|
|
|
"OnionShare for something that isn't secret."
|
2020-08-27 00:13:53 -04:00
|
|
|
msgstr ""
|
|
|
|
|
2020-08-27 20:30:42 -04:00
|
|
|
#: ../../source/security.rst:24
|
2020-08-27 00:13:53 -04:00
|
|
|
msgid ""
|
2020-11-15 19:44:58 -03:00
|
|
|
"**Communicating the OnionShare address might not be anonymous.** Extra "
|
2023-05-31 09:54:10 -04:00
|
|
|
"precautions must be taken to ensure the OnionShare address is communicated "
|
|
|
|
"anonymously. A new email or chat account, only accessed over Tor, can be "
|
|
|
|
"used to share the address. This isn't necessary unless anonymity is a goal."
|
2020-08-27 00:13:53 -04:00
|
|
|
msgstr ""
|
2023-10-01 07:00:39 -03:00
|
|
|
|
|
|
|
#: ../../source/security.rst:11
|
|
|
|
msgid ""
|
|
|
|
"**Third parties don't have access to anything that happens in OnionShare.** "
|
|
|
|
"Using OnionShare means hosting services directly on your computer. When "
|
|
|
|
"sharing your files with OnionShare, they are not uploaded to any third-party "
|
|
|
|
"server. If you make an OnionShare chat room, your computer acts as a server "
|
|
|
|
"for that too. This avoids the traditional model of having to trust the "
|
|
|
|
"computers of others."
|
|
|
|
msgstr ""
|
|
|
|
|
|
|
|
#: ../../source/security.rst:28
|
|
|
|
msgid ""
|
|
|
|
"**If an attacker learns about the onion service, they still can't access "
|
|
|
|
"anything.** Prior attacks against the Tor network to enumerate onion "
|
|
|
|
"services allowed attackers to discover private ``.onion`` addresses. To "
|
|
|
|
"access an OnionShare service from its address, the private key used for "
|
|
|
|
"client authentication must be guessed (unless the service is already made "
|
|
|
|
"public by turning off the private key -- see :ref:`turn_off_private_key`)."
|
|
|
|
msgstr ""
|
|
|
|
|
|
|
|
#: ../../source/security.rst:35
|
|
|
|
msgid ""
|
|
|
|
"**Communicating the OnionShare address and private key might not be secure."
|
|
|
|
"** Communicating the OnionShare address to people is the responsibility of "
|
|
|
|
"the OnionShare user. If sent insecurely (such as through an e-mail message "
|
|
|
|
"monitored by an attacker), an eavesdropper can tell that OnionShare is being "
|
|
|
|
"used. Eavesdroppers can access services that are still up by loading their "
|
|
|
|
"addresses and/or lost key in the Tor Browser. Avoid this by communicating "
|
|
|
|
"the address securely, via encrypted text message (probably with disappearing "
|
|
|
|
"messages enabled), encrypted e-mail, or in person. This isn't necessary when "
|
|
|
|
"using OnionShare for something that isn't secret."
|
|
|
|
msgstr ""
|
|
|
|
|
|
|
|
#: ../../source/security.rst:42
|
|
|
|
msgid ""
|
|
|
|
"**Communicating the OnionShare address and private key might not be "
|
|
|
|
"anonymous.** Extra precaution must be taken to ensure the OnionShare address "
|
|
|
|
"is communicated anonymously. A new e-mail or chat account, only accessed "
|
|
|
|
"over Tor, can be used to share the address. This isn't necessary unless "
|
|
|
|
"anonymity is a goal."
|
|
|
|
msgstr ""
|