diff --git a/config.toml b/config.toml
index 4545418..73edb44 100644
--- a/config.toml
+++ b/config.toml
@@ -67,6 +67,78 @@ offensive = "Offensif"
tags = "Tags"
mobile = "téléphonie"
+[languages.el]
+generate_feed = true
+taxonomies = [
+ {name = "categories"},
+ {name = "tags"},
+]
+title = "AnarSec"
+
+[languages.el.translations]
+language_name = "el"
+language_selection = "Langue"
+search = "Recherche"
+published = "Publié le"
+edited = "Modifié le"
+letter = "Brochure Letter"
+a4 = "Brochure A4"
+read = "Lire la suite"
+contents = "Sommaire"
+categories = "Catégories"
+defensive = "Défensif"
+offensive = "Offensif"
+tags = "Tags"
+mobile = "téléphonie"
+
+[languages.pt]
+generate_feed = true
+taxonomies = [
+ {name = "categories"},
+ {name = "tags"},
+]
+title = "AnarSec"
+
+[languages.pt.translations]
+language_name = "pt"
+language_selection = "Langue"
+search = "Recherche"
+published = "Publié le"
+edited = "Modifié le"
+letter = "Brochure Letter"
+a4 = "Brochure A4"
+read = "Lire la suite"
+contents = "Sommaire"
+categories = "Catégories"
+defensive = "Défensif"
+offensive = "Offensif"
+tags = "Tags"
+mobile = "téléphonie"
+
+[languages.ru]
+generate_feed = true
+taxonomies = [
+ {name = "categories"},
+ {name = "tags"},
+]
+title = "AnarSec"
+
+[languages.ru.translations]
+language_name = "ru"
+language_selection = "Langue"
+search = "Recherche"
+published = "Publié le"
+edited = "Modifié le"
+letter = "Brochure Letter"
+a4 = "Brochure A4"
+read = "Lire la suite"
+contents = "Sommaire"
+categories = "Catégories"
+defensive = "Défensif"
+offensive = "Offensif"
+tags = "Tags"
+mobile = "téléphonie"
+
[extra]
navbar_items = [
{ code = "en", nav_items = [
@@ -82,6 +154,27 @@ navbar_items = [
{ url = "$BASE_URL/fr/recommendations/", name = "Recommendations" },
{ url = "$BASE_URL/fr/glossary/", name = "Glossaire" },
{ url = "$BASE_URL/fr/contact/", name = "Contact" },
+ ] },
+ { code = "el", nav_items = [
+ { url = "$BASE_URL/el/posts/", name = "Guides" },
+ { url = "$BASE_URL/el/series/", name = "Séries" },
+ { url = "$BASE_URL/el/recommendations/", name = "Recommendations" },
+ { url = "$BASE_URL/el/glossary/", name = "Glossaire" },
+ { url = "$BASE_URL/el/contact/", name = "Contact" },
+ ] },
+ { code = "pt", nav_items = [
+ { url = "$BASE_URL/pt/posts/", name = "Guides" },
+ { url = "$BASE_URL/pt/series/", name = "Séries" },
+ { url = "$BASE_URL/pt/recommendations/", name = "Recommendations" },
+ { url = "$BASE_URL/pt/glossary/", name = "Glossaire" },
+ { url = "$BASE_URL/pt/contact/", name = "Contact" },
+ ] },
+ { code = "ru", nav_items = [
+ { url = "$BASE_URL/ru/posts/", name = "Guides" },
+ { url = "$BASE_URL/ru/series/", name = "Séries" },
+ { url = "$BASE_URL/ru/recommendations/", name = "Recommendations" },
+ { url = "$BASE_URL/ru/glossary/", name = "Glossaire" },
+ { url = "$BASE_URL/ru/contact/", name = "Contact" },
] }
]
diff --git a/content/_index.el.md b/content/_index.el.md
new file mode 100644
index 0000000..b93aec0
--- /dev/null
+++ b/content/_index.el.md
@@ -0,0 +1,21 @@
++++
+sort_by = "date"
+paginate_by = 10
+title = "Tech Guides for Anarchists"
++++
+
+
+
+**You want a quick overview of our** **[advice for all anarchists?](/recommendations)**
+
+**You need to** **[do action research or write an anonymous communique?](/posts/tails)**
+
+**You need** **[increased security against malware?](/posts/qubes)**
+
+**You want to** **[protect your digital devices from covert house visits by law enforcement?](/posts/tamper)**
+
+See all guides
+
+ 
+
+
diff --git a/content/_index.pt.md b/content/_index.pt.md
new file mode 100644
index 0000000..b93aec0
--- /dev/null
+++ b/content/_index.pt.md
@@ -0,0 +1,21 @@
++++
+sort_by = "date"
+paginate_by = 10
+title = "Tech Guides for Anarchists"
++++
+
+
+
+**You want a quick overview of our** **[advice for all anarchists?](/recommendations)**
+
+**You need to** **[do action research or write an anonymous communique?](/posts/tails)**
+
+**You need** **[increased security against malware?](/posts/qubes)**
+
+**You want to** **[protect your digital devices from covert house visits by law enforcement?](/posts/tamper)**
+
+See all guides
+
+
+
+
diff --git a/content/_index.ru.md b/content/_index.ru.md
new file mode 100644
index 0000000..b93aec0
--- /dev/null
+++ b/content/_index.ru.md
@@ -0,0 +1,21 @@
++++
+sort_by = "date"
+paginate_by = 10
+title = "Tech Guides for Anarchists"
++++
+
+
+
+**You want a quick overview of our** **[advice for all anarchists?](/recommendations)**
+
+**You need to** **[do action research or write an anonymous communique?](/posts/tails)**
+
+**You need** **[increased security against malware?](/posts/qubes)**
+
+**You want to** **[protect your digital devices from covert house visits by law enforcement?](/posts/tamper)**
+
+See all guides
+
+
+
+
diff --git a/content/contact/_index.el.md b/content/contact/_index.el.md
new file mode 100644
index 0000000..cceb4eb
--- /dev/null
+++ b/content/contact/_index.el.md
@@ -0,0 +1,29 @@
++++
+title = "Contact"
+sort_by = "date"
+paginate_by = 5
++++
+
+
+
+
+
+**Email**: anarsec (at) riseup (dot) net
+
+[PGP key](/anarsec.asc)
+
+>Our PGP public key can be verified from a second location [at 0xacab](https://0xacab.org/anarsec/anarsec.guide/-/blob/no-masters/static/anarsec.asc) — commit SHA should be 4ab7e7262f51a661b02e1cf6712b75101f4b25e1.
+>
+>WayBack Machine of PGP key: [anarsec.guide](https://web.archive.org/web/20230619164601/https://www.anarsec.guide/anarsec.asc) / [0xacab.org](https://web.archive.org/web/20230619164309/https://0xacab.org/anarsec/anarsec.guide/-/blob/no-masters/static/anarsec.asc)
+
+
+# Contribute
+
+Anarsec encourages contributions! If you would like to suggest edits to a guide, we prefer that you contact us rather than submit a merge request on 0xacab. This is to maintain a unified tone and style to the guides.
+
+We are also open to submitted guides — please get in touch with proposals.
+
+>0xacab commits are signed with SSH key fingerprint:
+xXfPe+zku+SaJorO4XldMFcAVPMmQQgLHl4VpmYhiok
+
+
+
+
+
+
+**Email**: anarsec (at) riseup (dot) net
+
+[PGP key](/anarsec.asc)
+
+>Our PGP public key can be verified from a second location [at 0xacab](https://0xacab.org/anarsec/anarsec.guide/-/blob/no-masters/static/anarsec.asc) — commit SHA should be 4ab7e7262f51a661b02e1cf6712b75101f4b25e1.
+>
+>WayBack Machine of PGP key: [anarsec.guide](https://web.archive.org/web/20230619164601/https://www.anarsec.guide/anarsec.asc) / [0xacab.org](https://web.archive.org/web/20230619164309/https://0xacab.org/anarsec/anarsec.guide/-/blob/no-masters/static/anarsec.asc)
+
+
+# Contribute
+
+Anarsec encourages contributions! If you would like to suggest edits to a guide, we prefer that you contact us rather than submit a merge request on 0xacab. This is to maintain a unified tone and style to the guides.
+
+We are also open to submitted guides — please get in touch with proposals.
+
+>0xacab commits are signed with SSH key fingerprint:
+xXfPe+zku+SaJorO4XldMFcAVPMmQQgLHl4VpmYhiok
+
+
+
+
+
+
+**Email**: anarsec (at) riseup (dot) net
+
+[PGP key](/anarsec.asc)
+
+>Our PGP public key can be verified from a second location [at 0xacab](https://0xacab.org/anarsec/anarsec.guide/-/blob/no-masters/static/anarsec.asc) — commit SHA should be 4ab7e7262f51a661b02e1cf6712b75101f4b25e1.
+>
+>WayBack Machine of PGP key: [anarsec.guide](https://web.archive.org/web/20230619164601/https://www.anarsec.guide/anarsec.asc) / [0xacab.org](https://web.archive.org/web/20230619164309/https://0xacab.org/anarsec/anarsec.guide/-/blob/no-masters/static/anarsec.asc)
+
+
+# Contribute
+
+Anarsec encourages contributions! If you would like to suggest edits to a guide, we prefer that you contact us rather than submit a merge request on 0xacab. This is to maintain a unified tone and style to the guides.
+
+We are also open to submitted guides — please get in touch with proposals.
+
+>0xacab commits are signed with SSH key fingerprint:
+xXfPe+zku+SaJorO4XldMFcAVPMmQQgLHl4VpmYhiok
+
+
+
+
+> This glossary defines terms commonly used in AnarSec articles.
+
+### Asynchronous Communication
+
+Unlike [synchronous communication](/glossary/#synchronous-communication), both parties do not need to be online at the same time. This relies on some sort of server to store messages until the message recipients come online. This is the type of messaging that most people are familiar with (email, Signal, etc.).
+
+### Backdoor
+
+A backdoor in software or hardware allows an unauthorized party to bypass access controls. For example, an undocumented developer account in a router allows the developer of that product to bypass the login form. Third parties can also use backdoors to access software/hardware. Hackers want to create backdoors, as do law enforcement agencies.
+
+### Brute-force attack
+
+An attacker who “simply” tries every possible key to access a service or decrypt a file is using “brute force.” This process is called a brute-force attack. More powerful computers make brute-force attacks more feasible. Modern cryptographic protocols are designed to force an adversary (who does not have the cryptographic key) to spend (nearly) as much time as it would take to try every possible key to break the code. The parameters of a good protocol are chosen to make this amount of time impractical.
+
+### Checksums / Fingerprints
+
+Checksums are digital fingerprints: small-sized blocks of data derived from another block of digital data for the purpose of detecting any changes that may have been made. For example, when you download an operating system .iso file, a checksum is listed that looks like: `sha512: 9f923361887ac4b1455bc5ae51c06f2457c6d(continued...)`. You can use [hash functions](https://open.oregonstate.education/defenddissent/chapter/cryptographic-hash/) like SHA512 to create fingerprints. Essentially, this mathematical operation converts the 0's and 1's of the file into a unique "fingerprint". Changing a single 1 or 0 results in a completely different fingerprint. It is often important to know if a file has changed, such as when downloading the image file for an operating system. Fingerprints are often used in cryptography (e.g. in certificates or to verify [public keys](/glossary/#public-key-cryptography) in general). GtkHash is a program that allows you to calculate checksums without using a command line interface.
+
+### Command Line Interface (CLI)
+
+The "command line" is an all-text alternative to the graphical "point and click" tool that most of us are more familiar with; the Command Line Interface (CLI) allows us to do some things that a Graphical User Interface (GUI) does not. Often, either a GUI or a CLI would work, and which you use is a matter of preference. For example, in [Tails](/glossary/#tails), you can verify the [checksum](/glossary/#checksums-fingerprints) of a file using either a GUI (the GtkHash program) or a CLI command (`sha256sum`).
+
+For more information, see [Linux Essentials](/posts/linux/#the-command-line-interface). The Tech Learning Collective's "Foundations: Linux Journey" course on the [command line](https://techlearningcollective.com/foundations/linux-journey/the-shell) is our recommended introduction to using the CLI/terminal.
+
+### Correlation Attack
+
+An end-to-end correlation attack is a theoretical way that a global adversary could break the anonymity of the [Tor network](/glossary/#tor-network). For more information, see [Protecting against determined, skilled attackers](/posts/tails-best/#2-protecting-against-determined-skilled-attackers) and [Make Correlation Attacks More Difficult](/posts/tails/#make-correlation-attacks-more-difficult). For research papers on the subject, see [Thirteen Years of Tor Attacks](https://github.com/Attacks-on-Tor/Attacks-on-Tor#correlation-attacks) and the design proposal on [information leaks in Tor](https://spec.torproject.org/proposals/344-protocol-info-leaks.html).
+
+### CVE
+
+CVE stands for Common Vulnerabilities and Exposures. It is a globally unique identifier for [security vulnerabilities](/glossary/#vulnerability) in software. Identifiers look like “CVE-YEAR-NUMBER.” The year in the identifier is the year the CVE ID was assigned, not the year the vulnerability was publicly disclosed.
+
+### DDoS Attack
+
+A Distributed Denial of Service (DDoS) attack attempts to overload or crash the services of the target system by sending a large number of requests from many sources. The goal of a DDoS attack is to affect the availability of a service or system, such as making a web server unavailable to web browsers.
+
+### Digital Signatures
+
+Digital signatures are based on [public-key cryptography](/glossary/#public-key-cryptography). A private key is used to digitally sign data, while the corresponding public key is used by third parties to verify the signature. Before a public key is used to verify a signature, its authenticity should be verified.
+
+To learn more, [watch this video](https://www.youtube.com/watch?v=s22eJ1eVLTU&listen=false). For a more detailed look, see [Defend Dissent: Authenticity through Cryptographic Signing](https://open.oregonstate.education/defenddissent/chapter/cryptographic-signing/) or our [GPG explanation](/posts/tails-best/#appendix-gpg-explanation).
+
+### Doxxing
+
+The publication of private information about an individual or organization is called doxxing. Before publication, the person doing the doxing may use public databases, social media, or [social engineering](/glossary/#social-engineering) to obtain information.
+
+### Encryption
+
+Encryption is the process of scrambling a message so that it can only be unscrambled (and read) by the intended parties. The method you use to scramble the original message, or *plaintext*, is called the *cipher* or *encryption protocol*. In almost all cases, the cipher is not intended to be kept secret. The scrambled, unreadable, encrypted message is called the ciphertext and can be safely shared. Most ciphers require an additional piece of information, called a *cryptographic key*, to encrypt and decrypt (scramble and unscramble) messages.
+
+For more information, see [symmetric cryptography](/glossary/#symmetric-cryptography), [asymmetric cryptography](/glossary/#public-key-cryptography), or [Defend Dissent: What is Encryption?](https://open.oregonstate.education/defenddissent/chapter/what-is-encryption/)
+
+### End-to-end encryption (e2ee)
+
+Data is [encrypted](/glossary/#encryption) as it travels from one device to another — endpoint to endpoint — and cannot be decrypted by any intermediary. It can only be decrypted by the endpoints. This is different from "encryption at rest", such as [Full Disk Encryption](/glossary/#full-disk-encryption-fde), where the data stored on your device is encrypted when the device is turned off. Both are important!
+
+For more information, check out [Encrypted Messaging for Anarchists](/posts/e2ee), and [Defend Dissent: Protecting Your Communications](https://open.oregonstate.education/defenddissent/chapter/protecting-your-communications/).
+
+### Exploit
+
+An exploit is designed to take advantage of a [vulnerability](/glossary/#vulnerability). Even worse (or better, depending on whether you are the attacker or the target) are [zero-day exploits](/glossary/#zero-day-exploit).
+
+### Forward secrecy
+
+Forward secrecy (FS, also known as “Perfect Forward Secrecy”) combines a system of long-term keys and session keys to protect encrypted communications from future key compromise. An attacker who can record every encrypted message ([man-in-the-middle](/glossary/#man-in-the-middle-attack)) won’t be able to decrypt those messages if the keys are compromised in the future. Modern encryption protocols such as [TLS](/glossary/#https) 1.3 and the Signal Protocol provide FS. For more information, see [Anonymous Planet](https://anonymousplanet.org/guide.html#forward-secrecy).
+
+### Full Disk Encryption (FDE)
+
+FDE means that the entire disk is [encrypted](/glossary/#encryption) until a password is entered when the device is powered on. Not all FDE is created equal. For example, the quality of how FDE is implemented on a phone depends not only on your operating system, but also on your hardware (the model of your phone). FDE uses [symmetric cryptography](/glossary/#symmetric-cryptography), and on Linux it typically uses the [LUKS specification](/glossary/#luks).
+
+### GnuPG / OpenPGP
+
+GnuPG (GPG) is a program that implements the OpenPGP (Pretty Good Privacy) standard. GPG provides cryptographic functions for encrypting, decrypting, and signing text and files. It is a classic example of [public-key cryptography](/glossary/#public-key-cryptography). When used with email, [metadata](/glossary/#metadata) (such as email addresses) remains unencrypted. It does not provide [forward secrecy](/glossary/#forward-secrecy).
+
+For more information, see [this primer](https://github.com/AnarchoTechNYC/meta/wiki/Pretty-Good-Privacy-%28PGP%29). We don't recommend it for encrypted communications, [here's why](/posts/e2ee/#pgp-email).
+
+### Hardening
+
+Hardening is a general term for the process of securing systems against attacks.
+
+### HTTPS
+
+The "S" in HTTPS stands for "secure"; which means that your Internet connection is encrypted using the [Transport Layer Security (TLS)](https://www.youtube.com/watch?v=0TLDTodL7Lc&listen=false) protocol. This involves the website generating a certificate using [public-key cryptography](/glossary/#public-key-cryptography) that can be used to verify its authenticity — that you are actually connecting to the web server you intended, and that this connection is encrypted.
+
+For more information, see [our explanation](/posts/tails/#what-is-https) or [Defend Dissent: Protecting Your Communications](https://open.oregonstate.education/defenddissent/chapter/protecting-your-communications/).
+
+### Linux
+
+Linux is an [open-source](/glossary/#open-source) "kernel" upon which operating systems are built. Unlike Windows or macOS, there are many flavors of Linux operating systems. For example, Ubuntu, Kali, and Tails are based on Debian. Manjaro is based on Arch. For more information, see [Linux Essentials](/posts/linux).
+
+### LUKS
+
+The [Linux Unified Key Setup (LUKS)](https://gitlab.com/cryptsetup/cryptsetup) is a platform-independent specification for disk encryption. It is the standard used in [Tails](/glossary/#tails), [Qubes OS](/glossary/#qubes-os), Ubuntu, etc. LUKS encryption is only effective when the device is powered off. LUKS should use [Argon2id](/posts/tails-best/#passwords) to make it less vulnerable to brute-force attacks.
+
+### Malware
+
+Malware (malicious software) is a generic term for software that contains unwanted or malicious functionality. Malware includes ransomware, Trojan horses, computer viruses, worms, spyware, scareware, adware, etc. Today, malware is more difficult to categorize because sophisticated malware often combines characteristics of different categories. For example, [WannaCry](https://en.wikipedia.org/wiki/WannaCry_ransomware_attack) spread like a worm, but encrypted files and held them for ransom (ransomware).
+
+### Man-in-the-middle attack
+
+An example of a man-in-the-middle attack is when Alice communicates with Bob over the Internet, Eve (eavesdropper) joins the conversation “in the middle” and becomes the man-in-the-middle. Eve can modify, insert, replay, or read messages at will. Protective measures include encryption (confidentiality) and checking the authenticity and integrity of all messages. However, you must also make sure that you are communicating with the expected party. You must verify that you have the real public key of the recipient. For example, this is what you do when you verify a contract's "Safety Number" in the Signal encrypted messaging app.
+
+For a more detailed look, see [Defend Dissent: The Man in the Middle](https://open.oregonstate.education/defenddissent/chapter/the-man-in-the-middle/) and the [Whonix documentation](https://www.whonix.org/wiki/Warning#Man-in-the-middle_Attacks).
+
+### Metadata
+
+Metadata is data that provides information about other data. For example, a JPG file contains the actual image (data) but it may also contain metadata such as the date the file was created, the type of camera, GPS coordinates, and so on. Metadata can be valuable to attackers (to find appropriate exploits for outdated software the target is using), government agencies (to collect information about people to create social graphs), and other parties (to target location-based advertising). Whenever you use a computer, you are likely leaving metadata behind.
+
+For more information, see [Remove Identifying Metadata From Files](/posts/metadata) and [Defend Dissent: Metadata](https://open.oregonstate.education/defenddissent/chapter/metadata/).
+
+### Open-source
+
+The only software we can trust because the "source code" that it is written in is "open" for anyone to examine.
+
+### Operating system (OS)
+
+The system software that runs your device before any other software. Some common examples include Windows, macOS, Linux, Android, and iOS. Linux and some versions of Android are the only open-source options on this list.
+
+### Passphrase
+
+A passphrase is similar to a [password](/glossary/#password), but is made up of words instead of random characters.
+
+### Password
+
+A password is a string of characters used for authentication. A strong password consists of randomly chosen characters that all have the same probability of occurrence and can be created with the KeePassXC Password Generator.
+
+For more information, see [Defend Dissent: Passwords](https://open.oregonstate.education/defenddissent/chapter/passwords/)
+
+### Phishing
+
+Phishing is a technique of [social engineering](/glossary/#social-engineering). Attackers send SMS messages, emails, chat messages, etc. to their targets to get their personal information. The attackers can then try to impersonate their victims. It can also be used to get the victim to download [malware](/glossary/#malware) onto a system, which can be used as a starting point for hacking. [Spear phishing](/glossary/#spear-phishing) is a more sophisticated form of phishing. For more information, see the [Kicksecure documentation](https://www.kicksecure.com/wiki/Social_Engineering).
+
+### Physical attacks
+
+A physical attack is a situation where an adversary first gains physical access to your device through loss, theft, or confiscation. For example, your phone may be confiscated when you cross a border or are arrested. This is in contrast to a [remote attack](/glossary/#remote-attacks).
+
+For more information, see [Making Your Electronics Tamper-Evident](/posts/tamper), the [Threat Library](https://notrace.how/threat-library/techniques/targeted-digital-surveillance/physical-access.html), the [KickSecure documentation](https://www.kicksecure.com/wiki/Protection_Against_Physical_Attacks), and [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
+
+### Plausible deniability
+
+Plausible deniability can be a security objective. It is achieved when you can’t prove that a person/system sent a particular message. Then that person/system can plausibly deny being the sender of the message.
+
+### Public-key cryptography
+
+Public-key cryptography (or asymmetric cryptography) is the opposite of [symmetric cryptography](/glossary/#symmetric-cryptography). Each party has two keys (public and private). The private key must be kept secret and is used for decryption; the public key must be made public, and is used for encryption. This is the model used for encrypted communication, since the public key cannot be used for decryption. All other parties must verify that a published public key belongs to its intended owner to avoid [man-in-the-middle attacks](/glossary/#man-in-the-middle-attack).
+
+There are several approaches to public-key cryptography. For example, some cryptosystems are based on the algebraic structure of elliptic curves over finite fields (ECC). Others are based on the difficulty of factoring the product of two large prime numbers (RSA). Public-key cryptography can also be used for [digital signatures](/glossary/#digital-signatures).
+
+To learn more, watch [this video](https://www.youtube.com/watch?v=GSIDS_lvRv4), or for a more detailed look, see [Defend Dissent: Public-Key Cryptography](https://open.oregonstate.education/defenddissent/chapter/public-key-cryptography/).
+
+### Qubes OS
+
+You can think of [Qubes OS](https://www.qubes-os.org/) as Linux + [virtual machines](/glossary/#virtual-machine-vm). We [recommend](/recommendations) it as an everyday operating system for intermediate Linux users.
+
+### Remote attacks
+
+By remote attack, we mean that an adversary would access the data on your phone or laptop through an Internet or data connection. There are companies that develop and sell the ability to infect your device (usually focusing on smartphones) with [malware](/glossary/#malware) that would allow their customer (your adversary, be it a corporate or state agent) to remotely access some or all of your information. This is in contrast to a [physical attack](/glossary/#physical-attacks).
+
+For a more detailed look, see [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
+
+### Sandboxing
+
+Sandboxing is the software-based isolation of applications to mitigate system failures or vulnerabilities. For example, if an attacker hacks an application that is "sandboxed", the attacker must escape the sandbox to hack the entire system. [Virtualization](/glossary/#virtualization) is the most powerful implementation of sandboxing.
+
+### Security goal
+
+Security goals are concepts in information security that define what needs to be achieved. Well-known security goals are confidentiality, integrity, and availability (known as the CIA triad).
+
+### Social engineering
+
+Social engineering is a general term for the psychological manipulation of people to perform actions. Social engineering doesn't depend on technology; it's quite common in everyday life. For example, children cry to manipulate their parents; commercials manipulate their viewers. In information security, [phishing](/glossary/#phishing) is a common social engineering technique.
+
+### Spear phishing
+
+Spear phishing is more sophisticated than regular [phishing](/glossary/#phishing), which casts a wide net. In spear phishing, attackers customize their forged messages and send them to a smaller number of potential victims. Spear phishing requires more research on the part of the attacker; however, the success rate of spear phishing attacks is higher than the success rate of regular phishing attacks.
+
+### Supply-chain attack
+
+A supply-chain attack can affect any user of hardware or software components. Attackers manipulate a component during the manufacturing process. In most cases, the actual attack occurs before the targeted user has the manipulated component. Examples include tampered compilers or firmware, and attacks such as [Stuxnet](https://en.wikipedia.org/wiki/Stuxnet) or [SolarWinds](https://en.wikipedia.org/wiki/2020_SolarWinds_watering_hole_attack).
+
+### Symmetric cryptography
+
+Symmetric cryptography is the opposite of [public-key cryptography](/glossary/#public-key-cryptography). Two parties need the same private key to communicate with each other. They both use this key to encrypt and decrypt data. Symmetric cryptography is faster than public-key cryptography, but you must exchange keys securely. AES is a well-known example of symmetric cryptography. This is the model used for [Full Disk Encryption](/glossary/#full-disk-encryption-fde) (e.g. used by [LUKS](/glossary/#luks) in Linux Full Disk Encryption).
+
+### Synchronous communication
+
+Unlike [asynchronous communication](/glossary/#asynchronous-communication), both parties must be online at the same time. This does not require servers for the communication and is often referred to as "peer to peer".
+
+### Tails
+
+Tails is an operating system that makes secure and anonymous computer use accessible to everyone. Tails runs from a USB drive and is designed to leave no trace of your activity on your computer unless you explicitly want it to.
+
+Tails uses the [Tor anonymity network](/glossary/#tor-network) to protect your privacy online; all software is configured to connect to the Internet through Tor. If an application tries to connect to the Internet directly, it is automatically blocked for security reasons.
+
+For more information, see [Tails for Anarchists](/posts/tails).
+
+### Threat model
+
+Threat modeling is a family of activities for improving security by identifying a set of adversaries, [security goals](/glossary/#security-goal), and [vulnerabilities](/glossary/#vulnerability), and then defining countermeasures to prevent or mitigate the effects of threats to the system. A threat is a potential or actual undesirable event that can be malicious (such as a [DDoS attack](/glossary/#ddos-attack)) or accidental (such as a hard drive failure). Threat modeling is the deliberate activity of identifying and assessing threats and vulnerabilities.
+
+For more information, see [the No Trace Project Threat Library](https://notrace.how/threat-library/), [Defend Dissent: Digital Threats to Social Movements](https://open.oregonstate.education/defenddissent/chapter/digital-threats/) and [Defending against Surveillance and Suppression](https://open.oregonstate.education/defenddissent/chapter/surveillance-and-suppression/).
+
+### Tor network
+
+[Tor](https://www.torproject.org/) (short for The Onion Router) is an open and distributed network that helps defend against traffic analysis. Tor protects you by routing your communications through a network of relays run by volunteers around the world: it prevents someone monitoring your Internet connection from learning what sites you visit, and it prevents the operators of the sites you visit from learning your physical location.
+
+Every website visited through the Tor network passes through 3 relays. Relays are servers hosted by different people and organizations around the world. No single relay ever knows both where the encrypted connection is coming from and where it is going. An excerpt from a leaked top-secret NSA assessment calls Tor "the King of high secure, low latency Internet anonymity" with "no contenders for the throne in waiting". The Tor network can be accessed through the Tor Browser on any operating system. The [Tails](/glossary/#tails) operating system forces every program to use the Tor network when accessing the Internet.
+
+For more information, see [Tails for Anarchists](/posts/tails/#tor) and [Privacy Guides](https://www.privacyguides.org/en/advanced/tor-overview/). To understand the limitations of Tor, see the [Whonix documentation](https://www.whonix.org/wiki/Warning).
+
+### Two-Factor Authentication (2FA)
+
+Two-factor authentication (or “2FA”) is a way for a user to identify themselves to a service provider by requiring a combination of two different authentication methods. These can be something the user knows (such as a password or PIN) or something the user has (such as a hardware token or mobile phone).
+
+### Virtualization
+
+Virtualization is a technology that creates a virtual version of something, including virtual computer hardware. A [Virtual Machine](/glossary/#virtual-machine-vm) takes advantage of this technology.
+
+### Virtual Machine (VM)
+
+A virtual machine is a [virtualization](/glossary/#virtualization)/emulation of a computer system. Virtual machines are based on computer architectures and provide the functionality of a physical computer. This can provide the security benefit of [sandboxing](/glossary/#sandboxing). [Qubes OS](/glossary/#qubes-os) consists of VMs that [run directly on the hardware](https://www.qubes-os.org/faq/#how-does-qubes-os-compare-to-running-vms-in-a-conventional-os) (referred to as "bare metal"). According to the Qubes project, "virtualization is currently the only practically viable approach to implementing strong isolation while simultaneously providing compatibility with existing applications and drivers."
+
+### VoIP (Voice over Internet Protocol)
+
+Google Voice is a well-known and insecure VoIP service; this technology routes your calls over the Internet (as Signal does) instead of using standard cell tower transmission. Unlike Signal, VoIP allows you to receive calls from anyone, not just other Signal users. The advantage of using VoIP for calls over a data plan is that you can create different numbers for different activities (one for bills, one for signing up for a Signal account, etc.), and you never need to turn off Airplane mode. The advantage of using a data plan instead is that you can use it away from Wi-Fi, at the cost of geolocation (i.e. it will be possible for your service provider and possibly other parties to know where your device is at any given time).
+
+### VPN (Virtual Private Network)
+
+A VPN extends a private network (like your home network) over a public network (like the Internet). Devices connected to the VPN are part of the private network, even if they are physically located elsewhere. Applications that use a VPN are subject to the functionality, security, and management of the private network.
+
+In other words, it is a technology that essentially makes it appear that you are connecting to the Internet from the network of the company providing the service, rather than from your home network. Your connection to the company is through an encrypted "tunnel". A VPN is not the best tool for anonymity (defined as knowing who you are — Tor is far better), but it can partially enhance your privacy (defined as knowing what you are doing).
+
+It is important to emphasize this to cut through the widespread marketing hype; [a VPN is not enough to keep you anonymous](https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me/). Using a VPN can be thought of as simply shifting your trust from a local Internet Service Provider which is guaranteed to be a snitch to a remote company that claims to limit its ability to effectively snitch on you.
+
+For more information, see [Privacy Guides](https://www.privacyguides.org/en/basics/vpn-overview/), and for an excellent comparison of a VPN and [Tor](/glossary/#tor-network), see [Defend Dissent: Anonymous Routing](https://open.oregonstate.education/defenddissent/chapter/anonymous-routing/).
+
+### Vulnerability
+
+Vulnerabilities are [exploitable](/glossary/#exploit) security flaws in software or hardware. Well-known vulnerabilities have names like Heartbleed, Shellshock, Spectre, or Stagefright and at least one [CVE](/glossary/#cve) identifier. Vulnerabilities don't always have exploits. A popular vulnerability severity rating system is [CVSS](https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System).
+
+### Zero-day exploit
+
+A zero-day [exploit](/glossary/#exploit) is unknown to the public, the vendor, or other parties that would normally mitigate it. As a result, it is extremely powerful and highly valued. Governments can either develop their own zero-day exploits or purchase them from a [zero-day broker](https://www.wired.com/story/untold-history-americas-zero-day-market/).
+
+
diff --git a/content/glossary/_index.pt.md b/content/glossary/_index.pt.md
new file mode 100644
index 0000000..a6ab73e
--- /dev/null
+++ b/content/glossary/_index.pt.md
@@ -0,0 +1,253 @@
++++
+title = "Glossary"
+sort_by = "date"
+paginate_by = 5
++++
+
+
+
+> This glossary defines terms commonly used in AnarSec articles.
+
+### Asynchronous Communication
+
+Unlike [synchronous communication](/glossary/#synchronous-communication), both parties do not need to be online at the same time. This relies on some sort of server to store messages until the message recipients come online. This is the type of messaging that most people are familiar with (email, Signal, etc.).
+
+### Backdoor
+
+A backdoor in software or hardware allows an unauthorized party to bypass access controls. For example, an undocumented developer account in a router allows the developer of that product to bypass the login form. Third parties can also use backdoors to access software/hardware. Hackers want to create backdoors, as do law enforcement agencies.
+
+### Brute-force attack
+
+An attacker who “simply” tries every possible key to access a service or decrypt a file is using “brute force.” This process is called a brute-force attack. More powerful computers make brute-force attacks more feasible. Modern cryptographic protocols are designed to force an adversary (who does not have the cryptographic key) to spend (nearly) as much time as it would take to try every possible key to break the code. The parameters of a good protocol are chosen to make this amount of time impractical.
+
+### Checksums / Fingerprints
+
+Checksums are digital fingerprints: small-sized blocks of data derived from another block of digital data for the purpose of detecting any changes that may have been made. For example, when you download an operating system .iso file, a checksum is listed that looks like: `sha512: 9f923361887ac4b1455bc5ae51c06f2457c6d(continued...)`. You can use [hash functions](https://open.oregonstate.education/defenddissent/chapter/cryptographic-hash/) like SHA512 to create fingerprints. Essentially, this mathematical operation converts the 0's and 1's of the file into a unique "fingerprint". Changing a single 1 or 0 results in a completely different fingerprint. It is often important to know if a file has changed, such as when downloading the image file for an operating system. Fingerprints are often used in cryptography (e.g. in certificates or to verify [public keys](/glossary/#public-key-cryptography) in general). GtkHash is a program that allows you to calculate checksums without using a command line interface.
+
+### Command Line Interface (CLI)
+
+The "command line" is an all-text alternative to the graphical "point and click" tool that most of us are more familiar with; the Command Line Interface (CLI) allows us to do some things that a Graphical User Interface (GUI) does not. Often, either a GUI or a CLI would work, and which you use is a matter of preference. For example, in [Tails](/glossary/#tails), you can verify the [checksum](/glossary/#checksums-fingerprints) of a file using either a GUI (the GtkHash program) or a CLI command (`sha256sum`).
+
+For more information, see [Linux Essentials](/posts/linux/#the-command-line-interface). The Tech Learning Collective's "Foundations: Linux Journey" course on the [command line](https://techlearningcollective.com/foundations/linux-journey/the-shell) is our recommended introduction to using the CLI/terminal.
+
+### Correlation Attack
+
+An end-to-end correlation attack is a theoretical way that a global adversary could break the anonymity of the [Tor network](/glossary/#tor-network). For more information, see [Protecting against determined, skilled attackers](/posts/tails-best/#2-protecting-against-determined-skilled-attackers) and [Make Correlation Attacks More Difficult](/posts/tails/#make-correlation-attacks-more-difficult). For research papers on the subject, see [Thirteen Years of Tor Attacks](https://github.com/Attacks-on-Tor/Attacks-on-Tor#correlation-attacks) and the design proposal on [information leaks in Tor](https://spec.torproject.org/proposals/344-protocol-info-leaks.html).
+
+### CVE
+
+CVE stands for Common Vulnerabilities and Exposures. It is a globally unique identifier for [security vulnerabilities](/glossary/#vulnerability) in software. Identifiers look like “CVE-YEAR-NUMBER.” The year in the identifier is the year the CVE ID was assigned, not the year the vulnerability was publicly disclosed.
+
+### DDoS Attack
+
+A Distributed Denial of Service (DDoS) attack attempts to overload or crash the services of the target system by sending a large number of requests from many sources. The goal of a DDoS attack is to affect the availability of a service or system, such as making a web server unavailable to web browsers.
+
+### Digital Signatures
+
+Digital signatures are based on [public-key cryptography](/glossary/#public-key-cryptography). A private key is used to digitally sign data, while the corresponding public key is used by third parties to verify the signature. Before a public key is used to verify a signature, its authenticity should be verified.
+
+To learn more, [watch this video](https://www.youtube.com/watch?v=s22eJ1eVLTU&listen=false). For a more detailed look, see [Defend Dissent: Authenticity through Cryptographic Signing](https://open.oregonstate.education/defenddissent/chapter/cryptographic-signing/) or our [GPG explanation](/posts/tails-best/#appendix-gpg-explanation).
+
+### Doxxing
+
+The publication of private information about an individual or organization is called doxxing. Before publication, the person doing the doxing may use public databases, social media, or [social engineering](/glossary/#social-engineering) to obtain information.
+
+### Encryption
+
+Encryption is the process of scrambling a message so that it can only be unscrambled (and read) by the intended parties. The method you use to scramble the original message, or *plaintext*, is called the *cipher* or *encryption protocol*. In almost all cases, the cipher is not intended to be kept secret. The scrambled, unreadable, encrypted message is called the ciphertext and can be safely shared. Most ciphers require an additional piece of information, called a *cryptographic key*, to encrypt and decrypt (scramble and unscramble) messages.
+
+For more information, see [symmetric cryptography](/glossary/#symmetric-cryptography), [asymmetric cryptography](/glossary/#public-key-cryptography), or [Defend Dissent: What is Encryption?](https://open.oregonstate.education/defenddissent/chapter/what-is-encryption/)
+
+### End-to-end encryption (e2ee)
+
+Data is [encrypted](/glossary/#encryption) as it travels from one device to another — endpoint to endpoint — and cannot be decrypted by any intermediary. It can only be decrypted by the endpoints. This is different from "encryption at rest", such as [Full Disk Encryption](/glossary/#full-disk-encryption-fde), where the data stored on your device is encrypted when the device is turned off. Both are important!
+
+For more information, check out [Encrypted Messaging for Anarchists](/posts/e2ee), and [Defend Dissent: Protecting Your Communications](https://open.oregonstate.education/defenddissent/chapter/protecting-your-communications/).
+
+### Exploit
+
+An exploit is designed to take advantage of a [vulnerability](/glossary/#vulnerability). Even worse (or better, depending on whether you are the attacker or the target) are [zero-day exploits](/glossary/#zero-day-exploit).
+
+### Forward secrecy
+
+Forward secrecy (FS, also known as “Perfect Forward Secrecy”) combines a system of long-term keys and session keys to protect encrypted communications from future key compromise. An attacker who can record every encrypted message ([man-in-the-middle](/glossary/#man-in-the-middle-attack)) won’t be able to decrypt those messages if the keys are compromised in the future. Modern encryption protocols such as [TLS](/glossary/#https) 1.3 and the Signal Protocol provide FS. For more information, see [Anonymous Planet](https://anonymousplanet.org/guide.html#forward-secrecy).
+
+### Full Disk Encryption (FDE)
+
+FDE means that the entire disk is [encrypted](/glossary/#encryption) until a password is entered when the device is powered on. Not all FDE is created equal. For example, the quality of how FDE is implemented on a phone depends not only on your operating system, but also on your hardware (the model of your phone). FDE uses [symmetric cryptography](/glossary/#symmetric-cryptography), and on Linux it typically uses the [LUKS specification](/glossary/#luks).
+
+### GnuPG / OpenPGP
+
+GnuPG (GPG) is a program that implements the OpenPGP (Pretty Good Privacy) standard. GPG provides cryptographic functions for encrypting, decrypting, and signing text and files. It is a classic example of [public-key cryptography](/glossary/#public-key-cryptography). When used with email, [metadata](/glossary/#metadata) (such as email addresses) remains unencrypted. It does not provide [forward secrecy](/glossary/#forward-secrecy).
+
+For more information, see [this primer](https://github.com/AnarchoTechNYC/meta/wiki/Pretty-Good-Privacy-%28PGP%29). We don't recommend it for encrypted communications, [here's why](/posts/e2ee/#pgp-email).
+
+### Hardening
+
+Hardening is a general term for the process of securing systems against attacks.
+
+### HTTPS
+
+The "S" in HTTPS stands for "secure"; which means that your Internet connection is encrypted using the [Transport Layer Security (TLS)](https://www.youtube.com/watch?v=0TLDTodL7Lc&listen=false) protocol. This involves the website generating a certificate using [public-key cryptography](/glossary/#public-key-cryptography) that can be used to verify its authenticity — that you are actually connecting to the web server you intended, and that this connection is encrypted.
+
+For more information, see [our explanation](/posts/tails/#what-is-https) or [Defend Dissent: Protecting Your Communications](https://open.oregonstate.education/defenddissent/chapter/protecting-your-communications/).
+
+### Linux
+
+Linux is an [open-source](/glossary/#open-source) "kernel" upon which operating systems are built. Unlike Windows or macOS, there are many flavors of Linux operating systems. For example, Ubuntu, Kali, and Tails are based on Debian. Manjaro is based on Arch. For more information, see [Linux Essentials](/posts/linux).
+
+### LUKS
+
+The [Linux Unified Key Setup (LUKS)](https://gitlab.com/cryptsetup/cryptsetup) is a platform-independent specification for disk encryption. It is the standard used in [Tails](/glossary/#tails), [Qubes OS](/glossary/#qubes-os), Ubuntu, etc. LUKS encryption is only effective when the device is powered off. LUKS should use [Argon2id](/posts/tails-best/#passwords) to make it less vulnerable to brute-force attacks.
+
+### Malware
+
+Malware (malicious software) is a generic term for software that contains unwanted or malicious functionality. Malware includes ransomware, Trojan horses, computer viruses, worms, spyware, scareware, adware, etc. Today, malware is more difficult to categorize because sophisticated malware often combines characteristics of different categories. For example, [WannaCry](https://en.wikipedia.org/wiki/WannaCry_ransomware_attack) spread like a worm, but encrypted files and held them for ransom (ransomware).
+
+### Man-in-the-middle attack
+
+An example of a man-in-the-middle attack is when Alice communicates with Bob over the Internet, Eve (eavesdropper) joins the conversation “in the middle” and becomes the man-in-the-middle. Eve can modify, insert, replay, or read messages at will. Protective measures include encryption (confidentiality) and checking the authenticity and integrity of all messages. However, you must also make sure that you are communicating with the expected party. You must verify that you have the real public key of the recipient. For example, this is what you do when you verify a contract's "Safety Number" in the Signal encrypted messaging app.
+
+For a more detailed look, see [Defend Dissent: The Man in the Middle](https://open.oregonstate.education/defenddissent/chapter/the-man-in-the-middle/) and the [Whonix documentation](https://www.whonix.org/wiki/Warning#Man-in-the-middle_Attacks).
+
+### Metadata
+
+Metadata is data that provides information about other data. For example, a JPG file contains the actual image (data) but it may also contain metadata such as the date the file was created, the type of camera, GPS coordinates, and so on. Metadata can be valuable to attackers (to find appropriate exploits for outdated software the target is using), government agencies (to collect information about people to create social graphs), and other parties (to target location-based advertising). Whenever you use a computer, you are likely leaving metadata behind.
+
+For more information, see [Remove Identifying Metadata From Files](/posts/metadata) and [Defend Dissent: Metadata](https://open.oregonstate.education/defenddissent/chapter/metadata/).
+
+### Open-source
+
+The only software we can trust because the "source code" that it is written in is "open" for anyone to examine.
+
+### Operating system (OS)
+
+The system software that runs your device before any other software. Some common examples include Windows, macOS, Linux, Android, and iOS. Linux and some versions of Android are the only open-source options on this list.
+
+### Passphrase
+
+A passphrase is similar to a [password](/glossary/#password), but is made up of words instead of random characters.
+
+### Password
+
+A password is a string of characters used for authentication. A strong password consists of randomly chosen characters that all have the same probability of occurrence and can be created with the KeePassXC Password Generator.
+
+For more information, see [Defend Dissent: Passwords](https://open.oregonstate.education/defenddissent/chapter/passwords/)
+
+### Phishing
+
+Phishing is a technique of [social engineering](/glossary/#social-engineering). Attackers send SMS messages, emails, chat messages, etc. to their targets to get their personal information. The attackers can then try to impersonate their victims. It can also be used to get the victim to download [malware](/glossary/#malware) onto a system, which can be used as a starting point for hacking. [Spear phishing](/glossary/#spear-phishing) is a more sophisticated form of phishing. For more information, see the [Kicksecure documentation](https://www.kicksecure.com/wiki/Social_Engineering).
+
+### Physical attacks
+
+A physical attack is a situation where an adversary first gains physical access to your device through loss, theft, or confiscation. For example, your phone may be confiscated when you cross a border or are arrested. This is in contrast to a [remote attack](/glossary/#remote-attacks).
+
+For more information, see [Making Your Electronics Tamper-Evident](/posts/tamper), the [Threat Library](https://notrace.how/threat-library/techniques/targeted-digital-surveillance/physical-access.html), the [KickSecure documentation](https://www.kicksecure.com/wiki/Protection_Against_Physical_Attacks), and [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
+
+### Plausible deniability
+
+Plausible deniability can be a security objective. It is achieved when you can’t prove that a person/system sent a particular message. Then that person/system can plausibly deny being the sender of the message.
+
+### Public-key cryptography
+
+Public-key cryptography (or asymmetric cryptography) is the opposite of [symmetric cryptography](/glossary/#symmetric-cryptography). Each party has two keys (public and private). The private key must be kept secret and is used for decryption; the public key must be made public, and is used for encryption. This is the model used for encrypted communication, since the public key cannot be used for decryption. All other parties must verify that a published public key belongs to its intended owner to avoid [man-in-the-middle attacks](/glossary/#man-in-the-middle-attack).
+
+There are several approaches to public-key cryptography. For example, some cryptosystems are based on the algebraic structure of elliptic curves over finite fields (ECC). Others are based on the difficulty of factoring the product of two large prime numbers (RSA). Public-key cryptography can also be used for [digital signatures](/glossary/#digital-signatures).
+
+To learn more, watch [this video](https://www.youtube.com/watch?v=GSIDS_lvRv4), or for a more detailed look, see [Defend Dissent: Public-Key Cryptography](https://open.oregonstate.education/defenddissent/chapter/public-key-cryptography/).
+
+### Qubes OS
+
+You can think of [Qubes OS](https://www.qubes-os.org/) as Linux + [virtual machines](/glossary/#virtual-machine-vm). We [recommend](/recommendations) it as an everyday operating system for intermediate Linux users.
+
+### Remote attacks
+
+By remote attack, we mean that an adversary would access the data on your phone or laptop through an Internet or data connection. There are companies that develop and sell the ability to infect your device (usually focusing on smartphones) with [malware](/glossary/#malware) that would allow their customer (your adversary, be it a corporate or state agent) to remotely access some or all of your information. This is in contrast to a [physical attack](/glossary/#physical-attacks).
+
+For a more detailed look, see [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
+
+### Sandboxing
+
+Sandboxing is the software-based isolation of applications to mitigate system failures or vulnerabilities. For example, if an attacker hacks an application that is "sandboxed", the attacker must escape the sandbox to hack the entire system. [Virtualization](/glossary/#virtualization) is the most powerful implementation of sandboxing.
+
+### Security goal
+
+Security goals are concepts in information security that define what needs to be achieved. Well-known security goals are confidentiality, integrity, and availability (known as the CIA triad).
+
+### Social engineering
+
+Social engineering is a general term for the psychological manipulation of people to perform actions. Social engineering doesn't depend on technology; it's quite common in everyday life. For example, children cry to manipulate their parents; commercials manipulate their viewers. In information security, [phishing](/glossary/#phishing) is a common social engineering technique.
+
+### Spear phishing
+
+Spear phishing is more sophisticated than regular [phishing](/glossary/#phishing), which casts a wide net. In spear phishing, attackers customize their forged messages and send them to a smaller number of potential victims. Spear phishing requires more research on the part of the attacker; however, the success rate of spear phishing attacks is higher than the success rate of regular phishing attacks.
+
+### Supply-chain attack
+
+A supply-chain attack can affect any user of hardware or software components. Attackers manipulate a component during the manufacturing process. In most cases, the actual attack occurs before the targeted user has the manipulated component. Examples include tampered compilers or firmware, and attacks such as [Stuxnet](https://en.wikipedia.org/wiki/Stuxnet) or [SolarWinds](https://en.wikipedia.org/wiki/2020_SolarWinds_watering_hole_attack).
+
+### Symmetric cryptography
+
+Symmetric cryptography is the opposite of [public-key cryptography](/glossary/#public-key-cryptography). Two parties need the same private key to communicate with each other. They both use this key to encrypt and decrypt data. Symmetric cryptography is faster than public-key cryptography, but you must exchange keys securely. AES is a well-known example of symmetric cryptography. This is the model used for [Full Disk Encryption](/glossary/#full-disk-encryption-fde) (e.g. used by [LUKS](/glossary/#luks) in Linux Full Disk Encryption).
+
+### Synchronous communication
+
+Unlike [asynchronous communication](/glossary/#asynchronous-communication), both parties must be online at the same time. This does not require servers for the communication and is often referred to as "peer to peer".
+
+### Tails
+
+Tails is an operating system that makes secure and anonymous computer use accessible to everyone. Tails runs from a USB drive and is designed to leave no trace of your activity on your computer unless you explicitly want it to.
+
+Tails uses the [Tor anonymity network](/glossary/#tor-network) to protect your privacy online; all software is configured to connect to the Internet through Tor. If an application tries to connect to the Internet directly, it is automatically blocked for security reasons.
+
+For more information, see [Tails for Anarchists](/posts/tails).
+
+### Threat model
+
+Threat modeling is a family of activities for improving security by identifying a set of adversaries, [security goals](/glossary/#security-goal), and [vulnerabilities](/glossary/#vulnerability), and then defining countermeasures to prevent or mitigate the effects of threats to the system. A threat is a potential or actual undesirable event that can be malicious (such as a [DDoS attack](/glossary/#ddos-attack)) or accidental (such as a hard drive failure). Threat modeling is the deliberate activity of identifying and assessing threats and vulnerabilities.
+
+For more information, see [the No Trace Project Threat Library](https://notrace.how/threat-library/), [Defend Dissent: Digital Threats to Social Movements](https://open.oregonstate.education/defenddissent/chapter/digital-threats/) and [Defending against Surveillance and Suppression](https://open.oregonstate.education/defenddissent/chapter/surveillance-and-suppression/).
+
+### Tor network
+
+[Tor](https://www.torproject.org/) (short for The Onion Router) is an open and distributed network that helps defend against traffic analysis. Tor protects you by routing your communications through a network of relays run by volunteers around the world: it prevents someone monitoring your Internet connection from learning what sites you visit, and it prevents the operators of the sites you visit from learning your physical location.
+
+Every website visited through the Tor network passes through 3 relays. Relays are servers hosted by different people and organizations around the world. No single relay ever knows both where the encrypted connection is coming from and where it is going. An excerpt from a leaked top-secret NSA assessment calls Tor "the King of high secure, low latency Internet anonymity" with "no contenders for the throne in waiting". The Tor network can be accessed through the Tor Browser on any operating system. The [Tails](/glossary/#tails) operating system forces every program to use the Tor network when accessing the Internet.
+
+For more information, see [Tails for Anarchists](/posts/tails/#tor) and [Privacy Guides](https://www.privacyguides.org/en/advanced/tor-overview/). To understand the limitations of Tor, see the [Whonix documentation](https://www.whonix.org/wiki/Warning).
+
+### Two-Factor Authentication (2FA)
+
+Two-factor authentication (or “2FA”) is a way for a user to identify themselves to a service provider by requiring a combination of two different authentication methods. These can be something the user knows (such as a password or PIN) or something the user has (such as a hardware token or mobile phone).
+
+### Virtualization
+
+Virtualization is a technology that creates a virtual version of something, including virtual computer hardware. A [Virtual Machine](/glossary/#virtual-machine-vm) takes advantage of this technology.
+
+### Virtual Machine (VM)
+
+A virtual machine is a [virtualization](/glossary/#virtualization)/emulation of a computer system. Virtual machines are based on computer architectures and provide the functionality of a physical computer. This can provide the security benefit of [sandboxing](/glossary/#sandboxing). [Qubes OS](/glossary/#qubes-os) consists of VMs that [run directly on the hardware](https://www.qubes-os.org/faq/#how-does-qubes-os-compare-to-running-vms-in-a-conventional-os) (referred to as "bare metal"). According to the Qubes project, "virtualization is currently the only practically viable approach to implementing strong isolation while simultaneously providing compatibility with existing applications and drivers."
+
+### VoIP (Voice over Internet Protocol)
+
+Google Voice is a well-known and insecure VoIP service; this technology routes your calls over the Internet (as Signal does) instead of using standard cell tower transmission. Unlike Signal, VoIP allows you to receive calls from anyone, not just other Signal users. The advantage of using VoIP for calls over a data plan is that you can create different numbers for different activities (one for bills, one for signing up for a Signal account, etc.), and you never need to turn off Airplane mode. The advantage of using a data plan instead is that you can use it away from Wi-Fi, at the cost of geolocation (i.e. it will be possible for your service provider and possibly other parties to know where your device is at any given time).
+
+### VPN (Virtual Private Network)
+
+A VPN extends a private network (like your home network) over a public network (like the Internet). Devices connected to the VPN are part of the private network, even if they are physically located elsewhere. Applications that use a VPN are subject to the functionality, security, and management of the private network.
+
+In other words, it is a technology that essentially makes it appear that you are connecting to the Internet from the network of the company providing the service, rather than from your home network. Your connection to the company is through an encrypted "tunnel". A VPN is not the best tool for anonymity (defined as knowing who you are — Tor is far better), but it can partially enhance your privacy (defined as knowing what you are doing).
+
+It is important to emphasize this to cut through the widespread marketing hype; [a VPN is not enough to keep you anonymous](https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me/). Using a VPN can be thought of as simply shifting your trust from a local Internet Service Provider which is guaranteed to be a snitch to a remote company that claims to limit its ability to effectively snitch on you.
+
+For more information, see [Privacy Guides](https://www.privacyguides.org/en/basics/vpn-overview/), and for an excellent comparison of a VPN and [Tor](/glossary/#tor-network), see [Defend Dissent: Anonymous Routing](https://open.oregonstate.education/defenddissent/chapter/anonymous-routing/).
+
+### Vulnerability
+
+Vulnerabilities are [exploitable](/glossary/#exploit) security flaws in software or hardware. Well-known vulnerabilities have names like Heartbleed, Shellshock, Spectre, or Stagefright and at least one [CVE](/glossary/#cve) identifier. Vulnerabilities don't always have exploits. A popular vulnerability severity rating system is [CVSS](https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System).
+
+### Zero-day exploit
+
+A zero-day [exploit](/glossary/#exploit) is unknown to the public, the vendor, or other parties that would normally mitigate it. As a result, it is extremely powerful and highly valued. Governments can either develop their own zero-day exploits or purchase them from a [zero-day broker](https://www.wired.com/story/untold-history-americas-zero-day-market/).
+
+
diff --git a/content/glossary/_index.ru.md b/content/glossary/_index.ru.md
new file mode 100644
index 0000000..a6ab73e
--- /dev/null
+++ b/content/glossary/_index.ru.md
@@ -0,0 +1,253 @@
++++
+title = "Glossary"
+sort_by = "date"
+paginate_by = 5
++++
+
+
+
+> This glossary defines terms commonly used in AnarSec articles.
+
+### Asynchronous Communication
+
+Unlike [synchronous communication](/glossary/#synchronous-communication), both parties do not need to be online at the same time. This relies on some sort of server to store messages until the message recipients come online. This is the type of messaging that most people are familiar with (email, Signal, etc.).
+
+### Backdoor
+
+A backdoor in software or hardware allows an unauthorized party to bypass access controls. For example, an undocumented developer account in a router allows the developer of that product to bypass the login form. Third parties can also use backdoors to access software/hardware. Hackers want to create backdoors, as do law enforcement agencies.
+
+### Brute-force attack
+
+An attacker who “simply” tries every possible key to access a service or decrypt a file is using “brute force.” This process is called a brute-force attack. More powerful computers make brute-force attacks more feasible. Modern cryptographic protocols are designed to force an adversary (who does not have the cryptographic key) to spend (nearly) as much time as it would take to try every possible key to break the code. The parameters of a good protocol are chosen to make this amount of time impractical.
+
+### Checksums / Fingerprints
+
+Checksums are digital fingerprints: small-sized blocks of data derived from another block of digital data for the purpose of detecting any changes that may have been made. For example, when you download an operating system .iso file, a checksum is listed that looks like: `sha512: 9f923361887ac4b1455bc5ae51c06f2457c6d(continued...)`. You can use [hash functions](https://open.oregonstate.education/defenddissent/chapter/cryptographic-hash/) like SHA512 to create fingerprints. Essentially, this mathematical operation converts the 0's and 1's of the file into a unique "fingerprint". Changing a single 1 or 0 results in a completely different fingerprint. It is often important to know if a file has changed, such as when downloading the image file for an operating system. Fingerprints are often used in cryptography (e.g. in certificates or to verify [public keys](/glossary/#public-key-cryptography) in general). GtkHash is a program that allows you to calculate checksums without using a command line interface.
+
+### Command Line Interface (CLI)
+
+The "command line" is an all-text alternative to the graphical "point and click" tool that most of us are more familiar with; the Command Line Interface (CLI) allows us to do some things that a Graphical User Interface (GUI) does not. Often, either a GUI or a CLI would work, and which you use is a matter of preference. For example, in [Tails](/glossary/#tails), you can verify the [checksum](/glossary/#checksums-fingerprints) of a file using either a GUI (the GtkHash program) or a CLI command (`sha256sum`).
+
+For more information, see [Linux Essentials](/posts/linux/#the-command-line-interface). The Tech Learning Collective's "Foundations: Linux Journey" course on the [command line](https://techlearningcollective.com/foundations/linux-journey/the-shell) is our recommended introduction to using the CLI/terminal.
+
+### Correlation Attack
+
+An end-to-end correlation attack is a theoretical way that a global adversary could break the anonymity of the [Tor network](/glossary/#tor-network). For more information, see [Protecting against determined, skilled attackers](/posts/tails-best/#2-protecting-against-determined-skilled-attackers) and [Make Correlation Attacks More Difficult](/posts/tails/#make-correlation-attacks-more-difficult). For research papers on the subject, see [Thirteen Years of Tor Attacks](https://github.com/Attacks-on-Tor/Attacks-on-Tor#correlation-attacks) and the design proposal on [information leaks in Tor](https://spec.torproject.org/proposals/344-protocol-info-leaks.html).
+
+### CVE
+
+CVE stands for Common Vulnerabilities and Exposures. It is a globally unique identifier for [security vulnerabilities](/glossary/#vulnerability) in software. Identifiers look like “CVE-YEAR-NUMBER.” The year in the identifier is the year the CVE ID was assigned, not the year the vulnerability was publicly disclosed.
+
+### DDoS Attack
+
+A Distributed Denial of Service (DDoS) attack attempts to overload or crash the services of the target system by sending a large number of requests from many sources. The goal of a DDoS attack is to affect the availability of a service or system, such as making a web server unavailable to web browsers.
+
+### Digital Signatures
+
+Digital signatures are based on [public-key cryptography](/glossary/#public-key-cryptography). A private key is used to digitally sign data, while the corresponding public key is used by third parties to verify the signature. Before a public key is used to verify a signature, its authenticity should be verified.
+
+To learn more, [watch this video](https://www.youtube.com/watch?v=s22eJ1eVLTU&listen=false). For a more detailed look, see [Defend Dissent: Authenticity through Cryptographic Signing](https://open.oregonstate.education/defenddissent/chapter/cryptographic-signing/) or our [GPG explanation](/posts/tails-best/#appendix-gpg-explanation).
+
+### Doxxing
+
+The publication of private information about an individual or organization is called doxxing. Before publication, the person doing the doxing may use public databases, social media, or [social engineering](/glossary/#social-engineering) to obtain information.
+
+### Encryption
+
+Encryption is the process of scrambling a message so that it can only be unscrambled (and read) by the intended parties. The method you use to scramble the original message, or *plaintext*, is called the *cipher* or *encryption protocol*. In almost all cases, the cipher is not intended to be kept secret. The scrambled, unreadable, encrypted message is called the ciphertext and can be safely shared. Most ciphers require an additional piece of information, called a *cryptographic key*, to encrypt and decrypt (scramble and unscramble) messages.
+
+For more information, see [symmetric cryptography](/glossary/#symmetric-cryptography), [asymmetric cryptography](/glossary/#public-key-cryptography), or [Defend Dissent: What is Encryption?](https://open.oregonstate.education/defenddissent/chapter/what-is-encryption/)
+
+### End-to-end encryption (e2ee)
+
+Data is [encrypted](/glossary/#encryption) as it travels from one device to another — endpoint to endpoint — and cannot be decrypted by any intermediary. It can only be decrypted by the endpoints. This is different from "encryption at rest", such as [Full Disk Encryption](/glossary/#full-disk-encryption-fde), where the data stored on your device is encrypted when the device is turned off. Both are important!
+
+For more information, check out [Encrypted Messaging for Anarchists](/posts/e2ee), and [Defend Dissent: Protecting Your Communications](https://open.oregonstate.education/defenddissent/chapter/protecting-your-communications/).
+
+### Exploit
+
+An exploit is designed to take advantage of a [vulnerability](/glossary/#vulnerability). Even worse (or better, depending on whether you are the attacker or the target) are [zero-day exploits](/glossary/#zero-day-exploit).
+
+### Forward secrecy
+
+Forward secrecy (FS, also known as “Perfect Forward Secrecy”) combines a system of long-term keys and session keys to protect encrypted communications from future key compromise. An attacker who can record every encrypted message ([man-in-the-middle](/glossary/#man-in-the-middle-attack)) won’t be able to decrypt those messages if the keys are compromised in the future. Modern encryption protocols such as [TLS](/glossary/#https) 1.3 and the Signal Protocol provide FS. For more information, see [Anonymous Planet](https://anonymousplanet.org/guide.html#forward-secrecy).
+
+### Full Disk Encryption (FDE)
+
+FDE means that the entire disk is [encrypted](/glossary/#encryption) until a password is entered when the device is powered on. Not all FDE is created equal. For example, the quality of how FDE is implemented on a phone depends not only on your operating system, but also on your hardware (the model of your phone). FDE uses [symmetric cryptography](/glossary/#symmetric-cryptography), and on Linux it typically uses the [LUKS specification](/glossary/#luks).
+
+### GnuPG / OpenPGP
+
+GnuPG (GPG) is a program that implements the OpenPGP (Pretty Good Privacy) standard. GPG provides cryptographic functions for encrypting, decrypting, and signing text and files. It is a classic example of [public-key cryptography](/glossary/#public-key-cryptography). When used with email, [metadata](/glossary/#metadata) (such as email addresses) remains unencrypted. It does not provide [forward secrecy](/glossary/#forward-secrecy).
+
+For more information, see [this primer](https://github.com/AnarchoTechNYC/meta/wiki/Pretty-Good-Privacy-%28PGP%29). We don't recommend it for encrypted communications, [here's why](/posts/e2ee/#pgp-email).
+
+### Hardening
+
+Hardening is a general term for the process of securing systems against attacks.
+
+### HTTPS
+
+The "S" in HTTPS stands for "secure"; which means that your Internet connection is encrypted using the [Transport Layer Security (TLS)](https://www.youtube.com/watch?v=0TLDTodL7Lc&listen=false) protocol. This involves the website generating a certificate using [public-key cryptography](/glossary/#public-key-cryptography) that can be used to verify its authenticity — that you are actually connecting to the web server you intended, and that this connection is encrypted.
+
+For more information, see [our explanation](/posts/tails/#what-is-https) or [Defend Dissent: Protecting Your Communications](https://open.oregonstate.education/defenddissent/chapter/protecting-your-communications/).
+
+### Linux
+
+Linux is an [open-source](/glossary/#open-source) "kernel" upon which operating systems are built. Unlike Windows or macOS, there are many flavors of Linux operating systems. For example, Ubuntu, Kali, and Tails are based on Debian. Manjaro is based on Arch. For more information, see [Linux Essentials](/posts/linux).
+
+### LUKS
+
+The [Linux Unified Key Setup (LUKS)](https://gitlab.com/cryptsetup/cryptsetup) is a platform-independent specification for disk encryption. It is the standard used in [Tails](/glossary/#tails), [Qubes OS](/glossary/#qubes-os), Ubuntu, etc. LUKS encryption is only effective when the device is powered off. LUKS should use [Argon2id](/posts/tails-best/#passwords) to make it less vulnerable to brute-force attacks.
+
+### Malware
+
+Malware (malicious software) is a generic term for software that contains unwanted or malicious functionality. Malware includes ransomware, Trojan horses, computer viruses, worms, spyware, scareware, adware, etc. Today, malware is more difficult to categorize because sophisticated malware often combines characteristics of different categories. For example, [WannaCry](https://en.wikipedia.org/wiki/WannaCry_ransomware_attack) spread like a worm, but encrypted files and held them for ransom (ransomware).
+
+### Man-in-the-middle attack
+
+An example of a man-in-the-middle attack is when Alice communicates with Bob over the Internet, Eve (eavesdropper) joins the conversation “in the middle” and becomes the man-in-the-middle. Eve can modify, insert, replay, or read messages at will. Protective measures include encryption (confidentiality) and checking the authenticity and integrity of all messages. However, you must also make sure that you are communicating with the expected party. You must verify that you have the real public key of the recipient. For example, this is what you do when you verify a contract's "Safety Number" in the Signal encrypted messaging app.
+
+For a more detailed look, see [Defend Dissent: The Man in the Middle](https://open.oregonstate.education/defenddissent/chapter/the-man-in-the-middle/) and the [Whonix documentation](https://www.whonix.org/wiki/Warning#Man-in-the-middle_Attacks).
+
+### Metadata
+
+Metadata is data that provides information about other data. For example, a JPG file contains the actual image (data) but it may also contain metadata such as the date the file was created, the type of camera, GPS coordinates, and so on. Metadata can be valuable to attackers (to find appropriate exploits for outdated software the target is using), government agencies (to collect information about people to create social graphs), and other parties (to target location-based advertising). Whenever you use a computer, you are likely leaving metadata behind.
+
+For more information, see [Remove Identifying Metadata From Files](/posts/metadata) and [Defend Dissent: Metadata](https://open.oregonstate.education/defenddissent/chapter/metadata/).
+
+### Open-source
+
+The only software we can trust because the "source code" that it is written in is "open" for anyone to examine.
+
+### Operating system (OS)
+
+The system software that runs your device before any other software. Some common examples include Windows, macOS, Linux, Android, and iOS. Linux and some versions of Android are the only open-source options on this list.
+
+### Passphrase
+
+A passphrase is similar to a [password](/glossary/#password), but is made up of words instead of random characters.
+
+### Password
+
+A password is a string of characters used for authentication. A strong password consists of randomly chosen characters that all have the same probability of occurrence and can be created with the KeePassXC Password Generator.
+
+For more information, see [Defend Dissent: Passwords](https://open.oregonstate.education/defenddissent/chapter/passwords/)
+
+### Phishing
+
+Phishing is a technique of [social engineering](/glossary/#social-engineering). Attackers send SMS messages, emails, chat messages, etc. to their targets to get their personal information. The attackers can then try to impersonate their victims. It can also be used to get the victim to download [malware](/glossary/#malware) onto a system, which can be used as a starting point for hacking. [Spear phishing](/glossary/#spear-phishing) is a more sophisticated form of phishing. For more information, see the [Kicksecure documentation](https://www.kicksecure.com/wiki/Social_Engineering).
+
+### Physical attacks
+
+A physical attack is a situation where an adversary first gains physical access to your device through loss, theft, or confiscation. For example, your phone may be confiscated when you cross a border or are arrested. This is in contrast to a [remote attack](/glossary/#remote-attacks).
+
+For more information, see [Making Your Electronics Tamper-Evident](/posts/tamper), the [Threat Library](https://notrace.how/threat-library/techniques/targeted-digital-surveillance/physical-access.html), the [KickSecure documentation](https://www.kicksecure.com/wiki/Protection_Against_Physical_Attacks), and [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
+
+### Plausible deniability
+
+Plausible deniability can be a security objective. It is achieved when you can’t prove that a person/system sent a particular message. Then that person/system can plausibly deny being the sender of the message.
+
+### Public-key cryptography
+
+Public-key cryptography (or asymmetric cryptography) is the opposite of [symmetric cryptography](/glossary/#symmetric-cryptography). Each party has two keys (public and private). The private key must be kept secret and is used for decryption; the public key must be made public, and is used for encryption. This is the model used for encrypted communication, since the public key cannot be used for decryption. All other parties must verify that a published public key belongs to its intended owner to avoid [man-in-the-middle attacks](/glossary/#man-in-the-middle-attack).
+
+There are several approaches to public-key cryptography. For example, some cryptosystems are based on the algebraic structure of elliptic curves over finite fields (ECC). Others are based on the difficulty of factoring the product of two large prime numbers (RSA). Public-key cryptography can also be used for [digital signatures](/glossary/#digital-signatures).
+
+To learn more, watch [this video](https://www.youtube.com/watch?v=GSIDS_lvRv4), or for a more detailed look, see [Defend Dissent: Public-Key Cryptography](https://open.oregonstate.education/defenddissent/chapter/public-key-cryptography/).
+
+### Qubes OS
+
+You can think of [Qubes OS](https://www.qubes-os.org/) as Linux + [virtual machines](/glossary/#virtual-machine-vm). We [recommend](/recommendations) it as an everyday operating system for intermediate Linux users.
+
+### Remote attacks
+
+By remote attack, we mean that an adversary would access the data on your phone or laptop through an Internet or data connection. There are companies that develop and sell the ability to infect your device (usually focusing on smartphones) with [malware](/glossary/#malware) that would allow their customer (your adversary, be it a corporate or state agent) to remotely access some or all of your information. This is in contrast to a [physical attack](/glossary/#physical-attacks).
+
+For a more detailed look, see [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
+
+### Sandboxing
+
+Sandboxing is the software-based isolation of applications to mitigate system failures or vulnerabilities. For example, if an attacker hacks an application that is "sandboxed", the attacker must escape the sandbox to hack the entire system. [Virtualization](/glossary/#virtualization) is the most powerful implementation of sandboxing.
+
+### Security goal
+
+Security goals are concepts in information security that define what needs to be achieved. Well-known security goals are confidentiality, integrity, and availability (known as the CIA triad).
+
+### Social engineering
+
+Social engineering is a general term for the psychological manipulation of people to perform actions. Social engineering doesn't depend on technology; it's quite common in everyday life. For example, children cry to manipulate their parents; commercials manipulate their viewers. In information security, [phishing](/glossary/#phishing) is a common social engineering technique.
+
+### Spear phishing
+
+Spear phishing is more sophisticated than regular [phishing](/glossary/#phishing), which casts a wide net. In spear phishing, attackers customize their forged messages and send them to a smaller number of potential victims. Spear phishing requires more research on the part of the attacker; however, the success rate of spear phishing attacks is higher than the success rate of regular phishing attacks.
+
+### Supply-chain attack
+
+A supply-chain attack can affect any user of hardware or software components. Attackers manipulate a component during the manufacturing process. In most cases, the actual attack occurs before the targeted user has the manipulated component. Examples include tampered compilers or firmware, and attacks such as [Stuxnet](https://en.wikipedia.org/wiki/Stuxnet) or [SolarWinds](https://en.wikipedia.org/wiki/2020_SolarWinds_watering_hole_attack).
+
+### Symmetric cryptography
+
+Symmetric cryptography is the opposite of [public-key cryptography](/glossary/#public-key-cryptography). Two parties need the same private key to communicate with each other. They both use this key to encrypt and decrypt data. Symmetric cryptography is faster than public-key cryptography, but you must exchange keys securely. AES is a well-known example of symmetric cryptography. This is the model used for [Full Disk Encryption](/glossary/#full-disk-encryption-fde) (e.g. used by [LUKS](/glossary/#luks) in Linux Full Disk Encryption).
+
+### Synchronous communication
+
+Unlike [asynchronous communication](/glossary/#asynchronous-communication), both parties must be online at the same time. This does not require servers for the communication and is often referred to as "peer to peer".
+
+### Tails
+
+Tails is an operating system that makes secure and anonymous computer use accessible to everyone. Tails runs from a USB drive and is designed to leave no trace of your activity on your computer unless you explicitly want it to.
+
+Tails uses the [Tor anonymity network](/glossary/#tor-network) to protect your privacy online; all software is configured to connect to the Internet through Tor. If an application tries to connect to the Internet directly, it is automatically blocked for security reasons.
+
+For more information, see [Tails for Anarchists](/posts/tails).
+
+### Threat model
+
+Threat modeling is a family of activities for improving security by identifying a set of adversaries, [security goals](/glossary/#security-goal), and [vulnerabilities](/glossary/#vulnerability), and then defining countermeasures to prevent or mitigate the effects of threats to the system. A threat is a potential or actual undesirable event that can be malicious (such as a [DDoS attack](/glossary/#ddos-attack)) or accidental (such as a hard drive failure). Threat modeling is the deliberate activity of identifying and assessing threats and vulnerabilities.
+
+For more information, see [the No Trace Project Threat Library](https://notrace.how/threat-library/), [Defend Dissent: Digital Threats to Social Movements](https://open.oregonstate.education/defenddissent/chapter/digital-threats/) and [Defending against Surveillance and Suppression](https://open.oregonstate.education/defenddissent/chapter/surveillance-and-suppression/).
+
+### Tor network
+
+[Tor](https://www.torproject.org/) (short for The Onion Router) is an open and distributed network that helps defend against traffic analysis. Tor protects you by routing your communications through a network of relays run by volunteers around the world: it prevents someone monitoring your Internet connection from learning what sites you visit, and it prevents the operators of the sites you visit from learning your physical location.
+
+Every website visited through the Tor network passes through 3 relays. Relays are servers hosted by different people and organizations around the world. No single relay ever knows both where the encrypted connection is coming from and where it is going. An excerpt from a leaked top-secret NSA assessment calls Tor "the King of high secure, low latency Internet anonymity" with "no contenders for the throne in waiting". The Tor network can be accessed through the Tor Browser on any operating system. The [Tails](/glossary/#tails) operating system forces every program to use the Tor network when accessing the Internet.
+
+For more information, see [Tails for Anarchists](/posts/tails/#tor) and [Privacy Guides](https://www.privacyguides.org/en/advanced/tor-overview/). To understand the limitations of Tor, see the [Whonix documentation](https://www.whonix.org/wiki/Warning).
+
+### Two-Factor Authentication (2FA)
+
+Two-factor authentication (or “2FA”) is a way for a user to identify themselves to a service provider by requiring a combination of two different authentication methods. These can be something the user knows (such as a password or PIN) or something the user has (such as a hardware token or mobile phone).
+
+### Virtualization
+
+Virtualization is a technology that creates a virtual version of something, including virtual computer hardware. A [Virtual Machine](/glossary/#virtual-machine-vm) takes advantage of this technology.
+
+### Virtual Machine (VM)
+
+A virtual machine is a [virtualization](/glossary/#virtualization)/emulation of a computer system. Virtual machines are based on computer architectures and provide the functionality of a physical computer. This can provide the security benefit of [sandboxing](/glossary/#sandboxing). [Qubes OS](/glossary/#qubes-os) consists of VMs that [run directly on the hardware](https://www.qubes-os.org/faq/#how-does-qubes-os-compare-to-running-vms-in-a-conventional-os) (referred to as "bare metal"). According to the Qubes project, "virtualization is currently the only practically viable approach to implementing strong isolation while simultaneously providing compatibility with existing applications and drivers."
+
+### VoIP (Voice over Internet Protocol)
+
+Google Voice is a well-known and insecure VoIP service; this technology routes your calls over the Internet (as Signal does) instead of using standard cell tower transmission. Unlike Signal, VoIP allows you to receive calls from anyone, not just other Signal users. The advantage of using VoIP for calls over a data plan is that you can create different numbers for different activities (one for bills, one for signing up for a Signal account, etc.), and you never need to turn off Airplane mode. The advantage of using a data plan instead is that you can use it away from Wi-Fi, at the cost of geolocation (i.e. it will be possible for your service provider and possibly other parties to know where your device is at any given time).
+
+### VPN (Virtual Private Network)
+
+A VPN extends a private network (like your home network) over a public network (like the Internet). Devices connected to the VPN are part of the private network, even if they are physically located elsewhere. Applications that use a VPN are subject to the functionality, security, and management of the private network.
+
+In other words, it is a technology that essentially makes it appear that you are connecting to the Internet from the network of the company providing the service, rather than from your home network. Your connection to the company is through an encrypted "tunnel". A VPN is not the best tool for anonymity (defined as knowing who you are — Tor is far better), but it can partially enhance your privacy (defined as knowing what you are doing).
+
+It is important to emphasize this to cut through the widespread marketing hype; [a VPN is not enough to keep you anonymous](https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me/). Using a VPN can be thought of as simply shifting your trust from a local Internet Service Provider which is guaranteed to be a snitch to a remote company that claims to limit its ability to effectively snitch on you.
+
+For more information, see [Privacy Guides](https://www.privacyguides.org/en/basics/vpn-overview/), and for an excellent comparison of a VPN and [Tor](/glossary/#tor-network), see [Defend Dissent: Anonymous Routing](https://open.oregonstate.education/defenddissent/chapter/anonymous-routing/).
+
+### Vulnerability
+
+Vulnerabilities are [exploitable](/glossary/#exploit) security flaws in software or hardware. Well-known vulnerabilities have names like Heartbleed, Shellshock, Spectre, or Stagefright and at least one [CVE](/glossary/#cve) identifier. Vulnerabilities don't always have exploits. A popular vulnerability severity rating system is [CVSS](https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System).
+
+### Zero-day exploit
+
+A zero-day [exploit](/glossary/#exploit) is unknown to the public, the vendor, or other parties that would normally mitigate it. As a result, it is extremely powerful and highly valued. Governments can either develop their own zero-day exploits or purchase them from a [zero-day broker](https://www.wired.com/story/untold-history-americas-zero-day-market/).
+
+
diff --git a/content/posts/_index.el.md b/content/posts/_index.el.md
new file mode 100644
index 0000000..e1b8bd0
--- /dev/null
+++ b/content/posts/_index.el.md
@@ -0,0 +1,5 @@
++++
+title = "Guides"
+sort_by = "date"
+paginate_by = 10
++++
diff --git a/content/posts/_index.pt.md b/content/posts/_index.pt.md
new file mode 100644
index 0000000..e1b8bd0
--- /dev/null
+++ b/content/posts/_index.pt.md
@@ -0,0 +1,5 @@
++++
+title = "Guides"
+sort_by = "date"
+paginate_by = 10
++++
diff --git a/content/posts/_index.ru.md b/content/posts/_index.ru.md
new file mode 100644
index 0000000..e1b8bd0
--- /dev/null
+++ b/content/posts/_index.ru.md
@@ -0,0 +1,5 @@
++++
+title = "Guides"
+sort_by = "date"
+paginate_by = 10
++++
diff --git a/content/posts/nophones/index.el.md b/content/posts/nophones/index.el.md
new file mode 100644
index 0000000..8280091
--- /dev/null
+++ b/content/posts/nophones/index.el.md
@@ -0,0 +1,104 @@
++++
+title='Σκότωσε τον μπάτσο στην τσέπη σου'
+date=2024-04-23
+
+[taxonomies]
+categories = ["Defensive"]
+tags = ["mobile"]
+
+[extra]
+blogimage="/images/prison-pink.jpg"
+toc=true
+dateedit=2024-04-23
+a4="nophones-a4-el.pdf"
+letter="nophones-letter-el.pdf"
++++
+
+Η αποτελεσματική [κουλτούρα ασφάλειας και η επιχειρησιακή ασφάλεια](https://www.notrace.how/blog/a-base-to-stand-on/mia-base-gia-na-statheis.html) εμποδίζουν τις δυνάμεις καταστολής να γνωρίζουν για τις συγκεκριμένες εγκληματικές μας δραστηριότητες, αλλά και για τη ζωή μας, [τις σχέσεις μας](https://notrace.how/threat-library/techniques/network-mapping.html), τα μοτίβα μετακίνησής μας και ούτω καθεξής. Αυτή η γνώση είναι ένα τεράστιο πλεονέκτημα για τον περιορισμό των υπόπτων και τη διεξαγωγή στοχευμένης παρακολούθησης. Αυτό το άρθρο θα περιγράψει μερικές στρατηγικές για να σκοτώσετε τον μπάτσο στην τσέπη σας
+
+
+
+Η τοποθεσία του [τηλεφώνου σας παρακολουθείται ανά πάσα στιγμή](https://www.vice.com/en/article/m7vqkv/how-fbi-gets-phone-data-att-tmobile-verizon) και αυτά τα δεδομένα συλλέγονται από ιδιωτικές εταιρείες, επιτρέποντας στην αστυνομία να παρακάμψει την ανάγκη έκδοσης εντάλματος. [Τα αναγνωριστικά υλικού και οι πληροφορίες συνδρομής](https://anonymousplanet.org/guide.html#your-imei-and-imsi-and-by-extension-your-phone-number) του τηλεφώνου καταγράφονται από κάθε πύργο κινητής τηλεφωνίας στον οποίο συνδέεται το τηλέφωνό σας. Υπηρεσίες hacking, όπως η [Pegasus](https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/), θέτουν τον πλήρη συμβιβασμό των τηλεφώνων σε απόσταση αναπνοής ακόμη και από τις τοπικές αρχές επιβολής του νόμου και είναι "μηδενικό κλικ", που σημαίνει ότι δεν εξαρτώνται από το αν κάνετε κλικ σε έναν σύνδεσμο ή ανοίξετε ένα αρχείο για να χακάρουν το τηλέφωνό σας. Από την άλλη πλευρά, αφού περισσότεροι από 30 εμπρησμοί σε μια μικρή πόλη της Γαλλίας έμειναν ανεξιχνίαστοι, οι [ερευνητές παραπονέθηκαν](https://actforfree.noblogs.org/post/2022/04/17/grenoblefrance-these-saboteurs-of-the-ultra-left-have-been-elusive-for-five-years/) ότι «είναι αδύνατο να χρησιμοποιηθούν δεδομένα τηλεφώνου ή οχήματος επειδή λειτουργούν χωρίς τηλέφωνα ή αυτοκίνητα!»
+
+# Κρυπτογράφηση και γεωεντοπισμός
+
+Σε μια [πρόσφατη κατασταλτική επιχείρηση](https://www.notrace.how/resources/el/#ivan) εναντίον ενός αναρχικού, η αστυνομία παρακολούθησε τη γεωγραφική θέση του flip phone του υπόπτου σε πραγματικό χρόνο και έφτιαξε μια λίστα με όλους όσους είχε καλέσει ο ύποπτος. Είναι γνωστό ότι τέτοιες παρακολουθήσεις δεν είναι ασυνήθιστες, και όμως πολλοί σύντροφοι έχουν μαζί τους ένα κινητό τηλέφωνο όπου κι αν πάνε, ή κάνουν μη κρυπτογραφημένες κλήσεις σε άλλους αναρχικούς. Πιστεύουμε ότι και οι δύο αυτές πρακτικές πρέπει να αποφευχθούν. Ας μην κάνουμε τη δουλειά της αστυνομίας και των υπηρεσιών πληροφοριών τόσο εύκολη, παραδίδοντάς τους τα κοινωνικά μας δίκτυα και το ιστορικό γεωγραφικού εντοπισμού σε ασημένιο πιάτο.
+
+Εάν δεν φύγετε από το σπίτι με τηλέφωνο, η αστυνομία θα πρέπει να καταφύγει σε φυσική παρακολούθηση για να προσδιορίσει πού βρίσκεστε, η οποία απαιτεί πόρους και είναι ανιχνεύσιμη. Εάν ποτέ βρεθείτε υπό φυσική παρακολούθηση, το πρώτο βήμα του ερευνητή είναι να κατανοήσει το «προφίλ κίνησης» σας και το ιστορικό γεωγραφικής θέσης του τηλεφώνου σας παρέχει μια λεπτομερή εικόνα των καθημερινών σας μοτίβων.
+
+Μερικοί αναρχικοί ανταποκρίνονται στα προβλήματα με τα smartphones χρησιμοποιώντας flip phones ή σταθερά τηλέφωνα για να επικοινωνούν μεταξύ τους, αλλά αυτό δεν είναι μια καλή λύση. Τα κινητά και σταθερά τηλέφωνα δεν υποστηρίζουν [κρυπτογραφημένη επικοινωνία](/el/glossary/#end-to-end-encryption-e2ee), οπότε το κράτος μαθαίνει ποιος μιλάει σε ποιον και για τι μιλάει. Ένας πρωταρχικός στόχος της στοχευμένης επιτήρησης είναι η χαρτογράφηση του κοινωνικού δικτύου του στόχου προκειμένου να εντοπιστούν άλλοι στόχοι. Ο μόνος τρόπος για να αποφύγουμε να δώσουμε αυτές τις πληροφορίες στους εχθρούς μας είναι να χρησιμοποιήσουμε μόνο [κρυπτογραφημένα μέσα](/posts/e2ee/) για να επικοινωνήσουμε με άλλους αναρχικούς μέσω της τεχνολογίας.
+
+# Μοτίβα μεταδεδομένων
+
+Η κανονικοποίηση της συνεχούς συνδεσιμότητας εντός της κυρίαρχης κοινωνίας έχει οδηγήσει ορισμένους αναρχικούς να σημειώσουν σωστά ότι τα [μεταδεδομένα](/el/glossary/#metadata) του τηλεφώνου είναι χρήσιμα για τους ερευνητές. Ωστόσο, το συμπέρασμα που βγάζουν κάποιοι από αυτή τη διαπίστωση, ότι δηλαδή ["δεν πρέπει ποτέ να κλείνουμε το τηλέφωνο"](https://web.archive.org/web/20210126183740/https://325.nostate.net/2018/11/09/never-turn-off-the-phone-a-new-approach-to-security-culture), μας οδηγεί σε λάθος κατεύθυνση. Η λογική τους είναι ότι οι αλληλεπιδράσεις σας με την τεχνολογία σχηματίζουν ένα βασικό μοτίβο μεταδεδομένων και οι στιγμές που αποκλίνουν από αυτή τη βασική γραμμή γίνονται ύποπτες εάν συμπίπτουν με το πότε συμβαίνει μια δράση, η οποία μπορεί να χρησιμοποιηθεί από τους ερευνητές για να περιορίσουν τους υπόπτους. Ενώ αυτό είναι αλήθεια, το αντίθετο συμπέρασμα είναι πολύ πιο λογικό: οι αναρχικοί θα πρέπει να ελαχιστοποιήσουν τη δημιουργία μοτίβων μεταδεδομένων στα οποία οι ερευνητές θα έχουν πρόσβαση.
+
+Οι συνδέσεις μας με τις υποδομές της κυριαρχίας πρέπει να παραμείνουν αδιαφανείς και απρόβλεπτες, αν θέλουμε να διατηρήσουμε την ικανότητά μας να χτυπήσουμε τον εχθρό. Τι γίνεται αν η αναγνώριση που απαιτείται για μια δράση περιλαμβάνει ένα ολόκληρο Σαββατοκύριακο μακριά από ηλεκτρονικές συσκευές;Ή ας ξεκινήσουμε με το απλό γεγονός ότι τα τηλέφωνα πρέπει να αφήνονται στο σπίτι κατά τη διάρκεια μιας δράσης - αυτό γίνεται η εξαίρεση σε ένα μοτίβο μόνο αν τα τηλέφωνα μας συνοδεύουν κατά τα άλλα όπου κι αν πάμε.Σε μια κανονιστικά "πάντα συνδεδεμένη" ζωή, οποιαδήποτε από αυτές τις αλλαγές μεταδεδομένων θα κολλήσει σαν πονεμένος αντίχειρας, αλλά αυτό δεν συμβαίνει εάν αρνηθείτε να είστε συνεχώς συνδεδεμένοι. **Για να ελαχιστοποιήσετε το αποτύπωμα μεταδεδομένων, πρέπει να αφήσετε το τηλέφωνό σας στο σπίτι από προεπιλογή.**
+
+# Χρειάζεστε πραγματικά ένα τηλέφωνο;
+
+Τα τηλέφωνα έχουν αποικίσει την καθημερινή ζωή επειδή οι άνθρωποι έχουν ενσταλαχθεί με την πεποίθηση ότι χρειάζονται σύγχρονη επικοινωνία κάθε στιγμή. [Σύγχρονη](/el/glossary/#synchronous-communication) σημαίνει ότι δύο ή περισσότερα μέρη επικοινωνούν σε πραγματικό χρόνο, σε αντίθεση με κάτι [ασύγχρονο](/el/glossary/#asynchronous-communication) όπως το ηλεκτρονικό ταχυδρομείο, όπου τα μηνύματα αποστέλλονται σε διαφορετικές χρονικές στιγμές. Αυτή η «ανάγκη» έχει κανονικοποιηθεί, αλλά αξίζει να αντισταθούμε μέσα στον αναρχικό χώρο. [Η αναρχία μπορεί να είναι μόνο αντιβιομηχανική](https://theanarchistlibrary.org/library/bismuto-beyond-the-moment#toc1). Πρέπει να μάθουμε να ζούμε χωρίς τις ανέσεις που μας πωλούν οι εταιρείες τηλεπικοινωνιών, πρέπει να υπερασπιστούμε (ή να αναζωπυρώσουμε) την ικανότητά μας να ζούμε χωρίς να είμαστε συνδεδεμένοι στο Διαδίκτυο ανά πάσα στιγμή, χωρίς αλγοριθμικές οδηγίες σε πραγματικό χρόνο και χωρίς την άπειρη ευελιξία να αλλάζουμε σχέδια την τελευταία στιγμή.
+
+Εάν αποφασίσετε να χρησιμοποιήσετε ένα τηλέφωνο, προκειμένου να δυσκολέψετε όσο το δυνατόν περισσότερο έναν αντίπαλο να το γεωπαρακολουθήσει, να υποκλέψει τα μηνύματά του ή να το χακάρει, χρησιμοποιήστε το [GrapheneOS](/posts/grapheneos/). Αν μπορούμε να συμφωνήσουμε να **χρησιμοποιούμε μόνο [κρυπτογραφημένες επικοινωνίες](/posts/e2ee/) για να επικοινωνούμε με άλλους αναρχικούς**, αυτό αποκλείει τα flip phones και τα σταθερά τηλέφωνα. Το GrapheneOS είναι το μόνο λειτουργικό σύστημα smartphone που παρέχει εύλογο απόρρητο και ασφάλεια.
+
+**Για να αποτρέψετε την παρακολούθηση των κινήσεών σας, αντιμετωπίστε το smartphone σαν σταθερό τηλέφωνο και αφήστε το στο σπίτι όταν είστε έξω από το σπίτι**. Ακόμα κι αν χρησιμοποιείτε μια κάρτα SIM που αγοράσατε ανώνυμα, εάν συνδεθεί με την ταυτότητά σας στο μέλλον, μπορεί να υποβληθεί αναδρομικά ερώτημα στον πάροχο υπηρεσιών για δεδομένα γεωγραφικής θέσης. Εάν χρησιμοποιείτε το τηλέφωνο όπως συνιστούμε ([ως συσκευή μόνο Wi-Fi](/posts/grapheneos/#what-is-grapheneos) που διατηρείται σε λειτουργία πτήσης ανά πάσα στιγμή), δεν θα συνδεθεί σε κεραίες κινητής τηλεφωνίας. Δεν αρκεί να αφήνετε το τηλέφωνο στο σπίτι μόνο όταν πηγαίνετε σε μια συνάντηση, πορεία ή δράση, επειδή αυτό θα είναι μια εξαίρεση από το κανονικό μοτίβο συμπεριφοράς σας και θα χρησιμεύσει ως ένδειξη ότι η εγκληματική δραστηριότητα λαμβάνει χώρα σε αυτό το χρονικό παράθυρο.
+
+Μπορείτε να επιλέξετε να ζήσετε χωρίς τηλέφωνα εξ ολοκλήρου, εάν δεν αισθάνεστε ότι χρειάζεστε ένα "κρυπτογραφημένο σταθερό τηλέφωνο". Οι ακόλουθες στρατηγικές για την ελαχιστοποίηση της ανάγκης για τηλέφωνα βασίζονται σε υπολογιστές, όπου η σύγχρονη επικοινωνία είναι επίσης δυνατή αλλά πιο περιορισμένη.
+
+## Γραφειοκρατία
+
+Πολλοί γραφειοκρατικοί θεσμοί με τους οποίους είμαστε αναγκασμένοι να ασχοληθούμε καθιστούν δύσκολη τη ζωή χωρίς τηλέφωνο: υγειονομική περίθαλψη, τραπεζικές συναλλαγές κ.λπ. Η επικοινωνία με τις γραφειοκρατίες δεν χρειάζεται να είναι κρυπτογραφημένη, επομένως μπορείτε να χρησιμοποιήσετε μια εφαρμογή [Voice over Internet Protocol (VoIP)](/el/glossary#voip-voice-over-internet-protocol). Αυτό σας επιτρέπει να πραγματοποιείτε τηλεφωνικές κλήσεις μέσω του Διαδικτύου και όχι μέσω πύργων κινητής τηλεφωνίας. Οποιαδήποτε εφαρμογή VoIP που είναι διαθέσιμη σε έναν υπολογιστή είναι ασύγχρονη επειδή δεν κουδουνίζει όταν ο υπολογιστής είναι απενεργοποιημένος — βασίζεστε στη λειτουργία αυτόματου τηλεφωνητή για να επιστρέψετε αναπάντητες κλήσεις. Για παράδειγμα, μια υπηρεσία όπως το [jmp.chat](https://www.kicksecure.com/wiki/Mobile_Phone_Security#Phone_Number_Registration_Unlinked_to_SIM_Card) σας δίνει έναν αριθμό VoIP, τον οποίο μπορείτε να πληρώσετε σε Bitcoin και πραγματοποιείτε κλήσεις χρησιμοποιώντας μια εφαρμογή XMPP — το [Cheogram](https://cheogram.com/) λειτουργεί καλά.
+
+Το VoIP συνήθως λειτουργεί για οποιονδήποτε έλεγχο [ταυτότητας δύο παραγόντων](/el/glossary/#two-factor-authentication-2fa) (2FA) χρειάζεστε (όταν μια υπηρεσία απαιτεί να λάβετε έναν τυχαίο αριθμό για να συνδεθείτε). Οι [διαδικτυακοί αριθμοί τηλεφώνου](https://anonymousplanet.org/guide.html#online-phone-number) είναι μια άλλη επιλογή. Αν και συνήθως πιο ακριβό από το VoIP, ένα αποκλειστικό flip phone ή σταθερό τηλέφωνο λειτουργεί επίσης καλά για την πραγματοποίηση και λήψη «γραφειοκρατικών» κλήσεων από το σπίτι, όπως αυτές που αναφέρονται παραπάνω.
+
+## Επικοινωνία
+
+Το να μην κουβαλάτε το τηλέφωνο παντού απαιτεί μια αλλαγή στον τρόπο που κοινωνικοποιείστε, αν έχετε ήδη [πιαστεί στο δίχτυ](https://theanarchistlibrary.org/library/return-fire-vol-4-supplement-caught-in-the-net). Το να προσπαθούμε σκόπιμα να ελαχιστοποιήσουμε τη διαμεσολάβηση των οθονών στις σχέσεις μας είναι ένας πολύτιμος στόχος από μόνος του.
+
+Η χρήση ενός "κρυπτογραφημένου σταθερού τηλεφώνου" για την πραγματοποίηση τηλεφωνικών κλήσεων και ενός υπολογιστή για κρυπτογραφημένα μηνύματα μας επιτρέπει να αποφύγουμε την ατελείωτη ροή ειδοποιήσεων σε μια συσκευή που είναι πάντα προσβάσιμη.
+
+Θα έκανε σε όλους μας καλό να ρίξουμε μια σκληρή ματιά στη μονοκαλλιέργεια των ομαδικών συνομιλιών Signal που έχουν αντικαταστήσει τις πρόσωπο με πρόσωπο συναντήσεις σε ορισμένα μέρη του αναρχικού χώρου. Αυτή η σύλληψη της οργάνωσης των σχέσεων από την κουλτούρα των smartphones μας αναγκάζει σε μια ατελείωτη συνάντηση που είναι σχετικά εύκολο να επιτηρηθεί.
+
+Τούτου λεχθέντος, η κρυπτογραφημένη επικοινωνία μπορεί να είναι χρήσιμη για τον ορισμό ημερομηνίας και ώρας συνάντησης ή για έργα που μοιράζονται σε μεγάλες αποστάσεις. Δείτε το [Encrypted Messaging for Anarchists](/posts/e2ee/) για διάφορες επιλογές κατάλληλες για ένα αναρχικό [μοντέλο απειλής](/el/glossary/#threat-model).
+
+## Κλήσεις έκτακτης ανάγκης
+
+Ένας περαστικός στο δρόμο θα σας δανείσει συχνά το τηλέφωνό του για να κάνετε μια επείγουσα κλήση εάν του πείτε ότι το δικό σας έχει ξεμείνει από μπαταρία. Για να λαμβάνετε κλήσεις έκτακτης ανάγκης, εάν δεν μπορούν να επικοινωνήσουν μαζί σας όπως περιγράφεται παραπάνω, μπορούμε να σταματήσουμε ο ένας από το σπίτι του άλλου ή να κανονίσουμε εκ των προτέρων check-in μέσω κρυπτογραφημένων μηνυμάτων. Ποια σενάρια απαιτούν πραγματικά να είστε διαθέσιμοι για να λάβετε μια κλήση ανά πάσα στιγμή; Αν αυτά υπάρχουν πραγματικά στη ζωή σας, μπορείτε να οργανωθείτε γύρω τους χωρίς να προβάλλετε αυτή την επείγουσα ανάγκη σε όλους τους άλλους τομείς και στιγμές.
+
+## Οδηγίες
+
+Αγοράστε έναν χάρτινο χάρτη της περιοχής σας και φέρτε τον μαζί σας. Για μεγαλύτερες διαδρομές ή διαδρομές όπου χρειάζεστε οδηγίες, χρησιμοποιήστε το [OpenStreetMap](https://www.openstreetmap.org/) για να τις σημειώσετε εκ των προτέρων.
+
+## Μουσική και podcast
+
+Εξακολουθούν να κάνουν MP3 players! Για πολύ χαμηλότερη τιμή, μπορείτε να παίξετε μουσική και podcast, αλλά η συσκευή δεν διαθέτει GPS ή ραδιοφωνικό υλικό. Ωστόσο, αυτό δεν σημαίνει ότι δεν μπορείτε να εντοπίσετε γεωγραφικά από ένα MP3 player. Εάν συνδέεται σε Wi-Fi, η κατά προσέγγιση τοποθεσία της συσκευής αναπαραγωγής MP3 μπορεί να προσδιοριστεί από τη διεύθυνση IP της.
+
+# Παράρτημα: Ενάντια στο smartphone
+
+*από [Fernweh (#24)](https://fernweh.noblogs.org/texte/24-ausgabe/gegen-das-smartphone/)*
+
+Είναι πάντα μαζί μας, πάντα ενεργό, ανεξάρτητα από το πού βρισκόμαστε ή τι κάνουμε. Μας κρατά ενήμερους για τα πάντα και για όλους: τι κάνουν οι φίλοι μας, πότε φεύγει το επόμενο μετρό και πώς θα είναι ο καιρός αύριο. Μας φροντίζει, μας ξυπνάει το πρωί, μας υπενθυμίζει σημαντικά ραντεβού και πάντα μας ακούει. Ξέρει τα πάντα για εμάς, πότε πηγαίνουμε για ύπνο, πού είμαστε και πότε, με ποιους επικοινωνούμε, ποιοι είναι οι καλύτεροι φίλοι μας, τι μουσική ακούμε και ποια είναι τα χόμπι μας. Και το μόνο που ζητάει είναι λίγο ηλεκτρικό ρεύμα πού και πού;
+
+Όταν περπατάω σε μια περιοχή ή παίρνω το μετρό, το βλέπω σχεδόν σε όλους, και κανείς δεν μπορεί να αντέξει περισσότερο από μερικά δευτερόλεπτα χωρίς να πιάσει μανιωδώς την τσέπη του: το κινητό βγαίνει, ένα μήνυμα στέλνεται, ένα email ελέγχεται, μια φωτογραφία αρέσει. Το βάζουμε πάλι στην άκρη, ένα σύντομο διάλειμμα, και να 'μαστε πάλι, ξεφυλλίζοντας τις σημερινές ειδήσεις και τσεκάροντας τι κάνουν όλοι οι φίλοι...
+
+Είναι ο σύντροφός μας όταν είμαστε στην τουαλέτα, στη δουλειά ή στο σχολείο και προφανώς βοηθά στην καταπολέμηση της πλήξης ενώ περιμένουμε ή εργαζόμαστε κ.λπ. Είναι ίσως αυτός ένας από τους λόγους για την επιτυχία όλων αυτών των τεχνολογικών συσκευών, ότι η πραγματική ζωή είναι τόσο βαρετή και μονότονη που μερικά τετραγωνικά εκατοστά οθόνης είναι σχεδόν πάντα πιο συναρπαστικά από τον κόσμο και τους ανθρώπους γύρω μας; Είναι σαν εθισμός (οι άνθρωποι έχουν σίγουρα συμπτώματα στέρησης...) ή έχει γίνει ακόμη και μέρος του σώματός μας; Χωρίς αυτό, δεν ξέρουμε πλέον πώς να προσανατολιστούμε και νιώθουμε ότι κάτι λείπει; Επομένως, δεν είναι πλέον μόνο ένα εργαλείο ή ένα παιχνίδι, αλλά ένα μέρος μας που ασκεί επίσης έναν ορισμένο έλεγχο πάνω μας, στον οποίο προσαρμόζουμε, για παράδειγμα, να μην φύγετε από το σπίτι μέχρι να φορτιστεί πλήρως η μπαταρία; Είναι το smartphone το πρώτο βήμα για να θολώσει τη γραμμή μεταξύ ανθρώπου και ρομπότ;
+
+Όταν βλέπουμε τι προφητεύουν τεχνοκράτες όλων των ειδών (γυαλιά Google, εμφυτευμένα τσιπ κ.λπ.), φαίνεται σχεδόν σαν να οδεύουμε προς το να γίνουμε cyborgs, άνθρωποι με εμφυτευμένα smartphones που ελέγχουμε μέσω των σκέψεών μας (μέχρι να ελεγχθούν τελικά οι ίδιες οι σκέψεις μας). Δεν προκαλεί έκπληξη το γεγονός ότι τα μέσα μαζικής ενημέρωσης, οι εκπρόσωποι της κυριαρχίας, μας δείχνουν μόνο τις θετικές πτυχές αυτής της εξέλιξης, αλλά είναι συγκλονιστικό το γεγονός ότι σχεδόν κανείς δεν αμφισβητεί αυτή την άποψη. Είναι ίσως το πιο τρελό όνειρο κάθε κυβερνήτη: να μπορεί να παρακολουθεί τις σκέψεις και τις πράξεις του καθενός ανά πάσα στιγμή και να παρεμβαίνει αμέσως σε περίπτωση οποιασδήποτε διαταραχής. Απόλυτα ελεγχόμενες και επιτηρούμενες εργατικές μέλισσες που τους επιτρέπεται να διασκεδάζουν (εικονικά) ως ανταμοιβή, ενώ κάποιοι λίγοι κερδίζουν.
+
+Με τις τεράστιες ποσότητες δεδομένων που είναι πλέον τόσο άμεσα διαθέσιμες από οποιονδήποτε και από όλους οποιαδήποτε στιγμή της ημέρας, ο κοινωνικός έλεγχος και η επιτήρηση έχουν επίσης φτάσει σε ένα εντελώς νέο επίπεδο. Αυτό τώρα πηγαίνει πολύ πέρα από την παρακολούθηση κινητών τηλεφώνων ή το κοσκίνισμα μηνυμάτων (όπως κατά τη διάρκεια των ταραχών του 2011 στο Ηνωμένο Βασίλειο). Με πρόσβαση σε έναν απίστευτο όγκο πληροφοριών, οι υπηρεσίες πληροφοριών είναι σε θέση να ορίσουν τι είναι «φυσιολογικό». Μπορούν να καθορίσουν ποιες τοποθεσίες είναι «φυσιολογικές» για εμάς, ποιες επαφές είναι «φυσιολογικές» κ.λπ. Εν ολίγοις, μπορούν γρήγορα να διαπιστώσουν και σχεδόν σε πραγματικό χρόνο εάν οι άνθρωποι αποκλίνουν από την «κανονική» συμπεριφορά τους. Αυτό δίνει σε μερικούς ανθρώπους τεράστια δύναμη, η οποία χρησιμοποιείται όποτε υπάρχει η ευκαιρία να επωφεληθούν από αυτή τη δύναμη (δηλαδή να παρακολουθούν τους ανθρώπους).
+
+Η τεχνολογία είναι μέρος της εξουσίας, προέρχεται από την εξουσία και χρειάζεται εξουσία. Χρειάζεται ένας κόσμος στον οποίο οι άνθρωποι έχουν ακραία εξουσία για να καταστεί δυνατή η παραγωγή κάτι σαν το smartphone. Όλη η τεχνολογία είναι προϊόν του σημερινού καταπιεστικού κόσμου, είναι μέρος του και θα τον ενισχύσει. Στον σημερινό κόσμο, τίποτα δεν είναι ουδέτερο. Μέχρι σήμερα, όλα όσα έχουν αναπτυχθεί ή αναπτύσσονται έχουν σχεδιαστεί για να επεκτείνουν τον έλεγχο και να κερδίσουν χρήματα. Πολλές από τις καινοτομίες των τελευταίων δεκαετιών (όπως το GPS, η πυρηνική ενέργεια ή το διαδίκτυο) προέρχονται ακόμη και απευθείας από τον στρατό. Τις περισσότερες φορές αυτές οι δύο πτυχές πάνε χέρι-χέρι, αλλά η «ευημερία της ανθρωπότητας» σίγουρα δεν αποτελεί κίνητρο, ειδικά όταν αναπτύσσεται από τον στρατό.
+
+Ίσως παίρνοντας το παράδειγμα της αρχιτεκτονικής μπορεί να απεικονίσει καλύτερα κάτι τόσο περίπλοκο όσο η τεχνολογία: ας πάρουμε μια άδεια και εγκαταλελειμμένη φυλακή, τι πρέπει να γίνει με αυτή τη δομή εκτός από το να την γκρεμίσουμε; Η ίδια η αρχιτεκτονική του, οι τοίχοι του, τα παρατηρητήρια του, τα κελιά του, περιέχουν ήδη τον σκοπό αυτού του κτιρίου: να φυλακίσει τους ανθρώπους και να τους καταστρέψει ψυχολογικά. Θα ήταν αδύνατο για μένα να ζήσω εκεί, απλά επειδή το κτίριο είναι καταπιεστικό. Είναι το ίδιο με όλες τις τεχνολογίες του σήμερα που μας παρουσιάζονται ως πρόοδος και ως κάτι που κάνει τη ζωή ευκολότερη. Σχεδιάστηκαν με την πρόθεση να βγάλουν χρήματα και να μας ελέγξουν, και πάντα θα το φέρουν αυτό. Ανεξάρτητα από το πόσα υποτιθέμενα οφέλη σας προσφέρει το smartphone σας, όσοι πλουτίζουν συλλέγοντας τα δεδομένα σας και παρακολουθώντας σας θα επωφελούνται πάντα περισσότερο από εσάς.
+
+Αν στο παρελθόν λεγόταν ότι «η γνώση είναι δύναμη», σήμερα πρέπει να ειπωθεί ότι «η πληροφορία είναι δύναμη». Όσο περισσότερα γνωρίζουν οι κυβερνήτες για τα ποίμνιά τους, τόσο καλύτερα μπορούν να τα κυριαρχήσουν – με αυτή την έννοια, η τεχνολογία στο σύνολό της είναι ένα ισχυρό εργαλείο ελέγχου για να προβλέψει και έτσι να αποτρέψει τους ανθρώπους από το να ενωθούν για να επιτεθούν σε αυτό που τους καταπιέζει.
+
+Αυτά τα smartphone φαίνεται να χρειάζονται λίγο περισσότερο από λίγη ηλεκτρική ενέργεια... Στη γενιά μας, η οποία τουλάχιστον γνώριζε έναν κόσμο χωρίς smartphones, μπορεί να υπάρχουν ακόμα μερικοί άνθρωποι που καταλαβαίνουν για τι πράγμα μιλάω, που εξακολουθούν να ξέρουν πώς είναι να έχεις μια συζήτηση χωρίς να κοιτάς το τηλέφωνό τους κάθε τριάντα δευτερόλεπτα, να χάνεσαι και να ανακαλύπτεις νέα μέρη με αυτόν τον τρόπο ή να συζητάς κάτι χωρίς να ρωτάς αμέσως την Google για την απάντηση. Αλλά δεν θέλω να επιστρέψω στο παρελθόν, παρόλο που δεν θα ήταν δυνατό ούτως ή άλλως, αλλά όσο περισσότερο η τεχνολογία διεισδύει στη ζωή μας, τόσο πιο δύσκολο γίνεται να την καταστρέψουμε. Τι γίνεται αν είμαστε μία από τις τελευταίες γενιές που μπορούν να σταματήσουν αυτή την εξέλιξη των ανθρώπων σε πλήρως ελεγχόμενα ρομπότ;
+
+Και τι γίνεται αν κάποια στιγμή δεν μπορέσουμε να αντιστρέψουμε αυτή την εξέλιξη; Η ανθρωπότητα έχει φτάσει σε ένα ιστορικά νέο στάδιο με την τεχνολογία. Ένα στάδιο όπου είναι σε θέση να εκμηδενίσει όλη την ανθρώπινη ζωή (πυρηνική ενέργεια) ή να την τροποποιήσει (γενετική τροποποίηση). Το γεγονός αυτό υπογραμμίζει για άλλη μια φορά την ανάγκη να δράσουμε σήμερα για να καταστρέψουμε αυτήν την κοινωνία. Για να γίνει αυτό, πρέπει να συναντήσουμε άλλους ανθρώπους και να επικοινωνήσουμε τις ιδέες μας.
+
+Δεν είναι προφανές ότι αν αντί να μιλάμε μεταξύ μας, επικοινωνούμε μόνο σε μηνύματα των πέντε προτάσεων ή λιγότερο, θα υπάρξουν μακροπρόθεσμες επιπτώσεις; Προφανώς όχι. Πρώτα απ 'όλα, ο τρόπος που σκεφτόμαστε επηρεάζει τον τρόπο που μιλάμε και αντίστροφα - ο τρόπος που μιλάμε και επικοινωνούμε επηρεάζει τον τρόπο που σκεφτόμαστε. Αν μπορούμε να ανταλλάσσουμε μόνο τα πιο σύντομα και συνοπτικά μηνύματα, πώς μπορούμε να μιλάμε για έναν εντελώς διαφορετικό κόσμο; Και αν δεν μπορούμε καν να μιλήσουμε για έναν άλλο κόσμο, πώς μπορούμε να τον φτάσουμε;
+
+Η άμεση επικοινωνία μεταξύ αυτόνομων ατόμων είναι η βάση κάθε κοινής εξέγερσης, είναι το σημείο εκκίνησης κοινών ονείρων και κοινών αγώνων. Χωρίς αδιαμεσολάβητη επικοινωνία, ένας αγώνας ενάντια σε αυτόν τον κόσμο και για την ελευθερία είναι αδύνατος. Ας ξεφορτωθούμε λοιπόν τα smartphones και ας συναντηθούμε πρόσωπο με πρόσωπο σε μια εξέγερση εναντίον αυτού του κόσμου! Ας γίνουμε ανεξέλεγκτοι!
+
+*από* [*athens.indymedia.org*](https://athens.indymedia.org/post/1631201)
+
diff --git a/content/posts/nophones/index.md b/content/posts/nophones/index.md
index 9c179b3..1e305d7 100644
--- a/content/posts/nophones/index.md
+++ b/content/posts/nophones/index.md
@@ -14,7 +14,7 @@ a4="nophones-a4-en.pdf"
letter="nophones-letter-en.pdf"
+++
-Effective [security culture and operational security](https://www.notrace.how/fr/blog/a-base-to-stand-on/a-base-to-stand-on.html) prevents the forces of repression from knowing about our specific criminal activities, but also about our lives, [relationships](https://notrace.how/threat-library/techniques/network-mapping.html), movement patterns, and so on. This knowledge is a huge advantage in narrowing down suspects and conducting targeted surveillance. This article will outline some strategies for killing the cop in your pocket.
+Effective [security culture and operational security](https://www.notrace.how/blog/a-base-to-stand-on/a-base-to-stand-on.html) prevents the forces of repression from knowing about our specific criminal activities, but also about our lives, [relationships](https://notrace.how/threat-library/techniques/network-mapping.html), movement patterns, and so on. This knowledge is a huge advantage in narrowing down suspects and conducting targeted surveillance. This article will outline some strategies for killing the cop in your pocket.
diff --git a/content/recommendations/_index.el.md b/content/recommendations/_index.el.md
new file mode 100644
index 0000000..54af7ab
--- /dev/null
+++ b/content/recommendations/_index.el.md
@@ -0,0 +1,35 @@
++++
+title = "Recommendations"
+sort_by = "date"
+paginate_by = 5
++++
+
+
+
+As anarchists, we must defend ourselves against police and intelligence agencies that conduct [targeted digital surveillance](https://notrace.how/threat-library/techniques/targeted-digital-surveillance.html) for the purposes of [incrimination](https://notrace.how/threat-library/tactics/incrimination.html) and [network mapping](https://notrace.how/threat-library/techniques/network-mapping.html). Our goal is to obscure the State's visibility into our lives and projects. Our recommendations are intended for all anarchists, and they are accompanied by guides to put the advice into practice.
+
+We agree with the conclusion of an overview of [targeted surveillance measures in France](https://actforfree.noblogs.org/post/2023/07/24/number-of-the-day-89502-preventive-surveillance-measures-france/): "So let’s be clear about our responsibilities: if we knowingly bring a networked device equipped with a microphone and/or a camera (cell phone, baby monitor, computer, car GPS, networked watch, etc.) close to a conversation in which “private or confidential words are spoken” and must remain so, even if it's switched off, we become a potential state informer…"
+
+You may also be interested in the Threat Library's ["Digital Best Practices"](https://www.notrace.how/threat-library/mitigations/digital-best-practices.html).
+
+## Your Phone
+
+>**[Operating system](/glossary#operating-system-os)**: **GrapheneOS** is the only reasonably secure choice for cell phones. See [GrapheneOS for Anarchists](/posts/grapheneos/). If you decide to have a phone, treat it like an "encrypted landline" and leave it at home when you are out of the house. See [Kill the Cop in Your Pocket](/posts/nophones/).
+
+## Your Computer
+
+>**[Operating system](/glossary#operating-system-os)**: **Tails** is unparalleled for sensitive computer use (writing and sending communiques, moderating a sketchy website, researching for actions, reading articles that may be criminalized, etc.). Tails runs from a USB drive and is designed with the anti-forensic property of leaving no trace of your activity on your computer, as well as forcing all Internet connections through the [Tor network](/glossary#tor-network). See [Tails for Anarchists](/posts/tails/) and [Tails Best Practices](/posts/tails-best/).
+
+>**[Operating system](/glossary#operating-system-os)**: **Qubes OS** has better security than Tails for many use cases, but has a steeper learning curve and no anti-forensic features. However, it is accessible enough for journalists and other non-technical users. Basic knowledge of using Linux is required — see [Linux Essentials](/posts/linux). Qubes OS can even run Windows programs such as Adobe InDesign, but much more securely than a standard Windows computer. See [Qubes OS for Anarchists](/posts/qubes/).
+
+See [When to Use Tails vs. Qubes OS](/posts/qubes/#when-to-use-tails-vs-qubes-os). We do not offer "harm reduction" advice for Windows or macOS computers, as this is already widespread and gives a false sense of privacy and security.
+
+## Encrypted Messaging
+
+See [Encrypted Messaging for Anarchists](/posts/e2ee/)
+
+## Storing Electronic Devices
+
+See [Make Your Electronics Tamper-Evident](/posts/tamper/).
+
+
diff --git a/content/recommendations/_index.pt.md b/content/recommendations/_index.pt.md
new file mode 100644
index 0000000..54af7ab
--- /dev/null
+++ b/content/recommendations/_index.pt.md
@@ -0,0 +1,35 @@
++++
+title = "Recommendations"
+sort_by = "date"
+paginate_by = 5
++++
+
+
+
+As anarchists, we must defend ourselves against police and intelligence agencies that conduct [targeted digital surveillance](https://notrace.how/threat-library/techniques/targeted-digital-surveillance.html) for the purposes of [incrimination](https://notrace.how/threat-library/tactics/incrimination.html) and [network mapping](https://notrace.how/threat-library/techniques/network-mapping.html). Our goal is to obscure the State's visibility into our lives and projects. Our recommendations are intended for all anarchists, and they are accompanied by guides to put the advice into practice.
+
+We agree with the conclusion of an overview of [targeted surveillance measures in France](https://actforfree.noblogs.org/post/2023/07/24/number-of-the-day-89502-preventive-surveillance-measures-france/): "So let’s be clear about our responsibilities: if we knowingly bring a networked device equipped with a microphone and/or a camera (cell phone, baby monitor, computer, car GPS, networked watch, etc.) close to a conversation in which “private or confidential words are spoken” and must remain so, even if it's switched off, we become a potential state informer…"
+
+You may also be interested in the Threat Library's ["Digital Best Practices"](https://www.notrace.how/threat-library/mitigations/digital-best-practices.html).
+
+## Your Phone
+
+>**[Operating system](/glossary#operating-system-os)**: **GrapheneOS** is the only reasonably secure choice for cell phones. See [GrapheneOS for Anarchists](/posts/grapheneos/). If you decide to have a phone, treat it like an "encrypted landline" and leave it at home when you are out of the house. See [Kill the Cop in Your Pocket](/posts/nophones/).
+
+## Your Computer
+
+>**[Operating system](/glossary#operating-system-os)**: **Tails** is unparalleled for sensitive computer use (writing and sending communiques, moderating a sketchy website, researching for actions, reading articles that may be criminalized, etc.). Tails runs from a USB drive and is designed with the anti-forensic property of leaving no trace of your activity on your computer, as well as forcing all Internet connections through the [Tor network](/glossary#tor-network). See [Tails for Anarchists](/posts/tails/) and [Tails Best Practices](/posts/tails-best/).
+
+>**[Operating system](/glossary#operating-system-os)**: **Qubes OS** has better security than Tails for many use cases, but has a steeper learning curve and no anti-forensic features. However, it is accessible enough for journalists and other non-technical users. Basic knowledge of using Linux is required — see [Linux Essentials](/posts/linux). Qubes OS can even run Windows programs such as Adobe InDesign, but much more securely than a standard Windows computer. See [Qubes OS for Anarchists](/posts/qubes/).
+
+See [When to Use Tails vs. Qubes OS](/posts/qubes/#when-to-use-tails-vs-qubes-os). We do not offer "harm reduction" advice for Windows or macOS computers, as this is already widespread and gives a false sense of privacy and security.
+
+## Encrypted Messaging
+
+See [Encrypted Messaging for Anarchists](/posts/e2ee/)
+
+## Storing Electronic Devices
+
+See [Make Your Electronics Tamper-Evident](/posts/tamper/).
+
+
diff --git a/content/recommendations/_index.ru.md b/content/recommendations/_index.ru.md
new file mode 100644
index 0000000..54af7ab
--- /dev/null
+++ b/content/recommendations/_index.ru.md
@@ -0,0 +1,35 @@
++++
+title = "Recommendations"
+sort_by = "date"
+paginate_by = 5
++++
+
+
+
+As anarchists, we must defend ourselves against police and intelligence agencies that conduct [targeted digital surveillance](https://notrace.how/threat-library/techniques/targeted-digital-surveillance.html) for the purposes of [incrimination](https://notrace.how/threat-library/tactics/incrimination.html) and [network mapping](https://notrace.how/threat-library/techniques/network-mapping.html). Our goal is to obscure the State's visibility into our lives and projects. Our recommendations are intended for all anarchists, and they are accompanied by guides to put the advice into practice.
+
+We agree with the conclusion of an overview of [targeted surveillance measures in France](https://actforfree.noblogs.org/post/2023/07/24/number-of-the-day-89502-preventive-surveillance-measures-france/): "So let’s be clear about our responsibilities: if we knowingly bring a networked device equipped with a microphone and/or a camera (cell phone, baby monitor, computer, car GPS, networked watch, etc.) close to a conversation in which “private or confidential words are spoken” and must remain so, even if it's switched off, we become a potential state informer…"
+
+You may also be interested in the Threat Library's ["Digital Best Practices"](https://www.notrace.how/threat-library/mitigations/digital-best-practices.html).
+
+## Your Phone
+
+>**[Operating system](/glossary#operating-system-os)**: **GrapheneOS** is the only reasonably secure choice for cell phones. See [GrapheneOS for Anarchists](/posts/grapheneos/). If you decide to have a phone, treat it like an "encrypted landline" and leave it at home when you are out of the house. See [Kill the Cop in Your Pocket](/posts/nophones/).
+
+## Your Computer
+
+>**[Operating system](/glossary#operating-system-os)**: **Tails** is unparalleled for sensitive computer use (writing and sending communiques, moderating a sketchy website, researching for actions, reading articles that may be criminalized, etc.). Tails runs from a USB drive and is designed with the anti-forensic property of leaving no trace of your activity on your computer, as well as forcing all Internet connections through the [Tor network](/glossary#tor-network). See [Tails for Anarchists](/posts/tails/) and [Tails Best Practices](/posts/tails-best/).
+
+>**[Operating system](/glossary#operating-system-os)**: **Qubes OS** has better security than Tails for many use cases, but has a steeper learning curve and no anti-forensic features. However, it is accessible enough for journalists and other non-technical users. Basic knowledge of using Linux is required — see [Linux Essentials](/posts/linux). Qubes OS can even run Windows programs such as Adobe InDesign, but much more securely than a standard Windows computer. See [Qubes OS for Anarchists](/posts/qubes/).
+
+See [When to Use Tails vs. Qubes OS](/posts/qubes/#when-to-use-tails-vs-qubes-os). We do not offer "harm reduction" advice for Windows or macOS computers, as this is already widespread and gives a false sense of privacy and security.
+
+## Encrypted Messaging
+
+See [Encrypted Messaging for Anarchists](/posts/e2ee/)
+
+## Storing Electronic Devices
+
+See [Make Your Electronics Tamper-Evident](/posts/tamper/).
+
+
diff --git a/content/search/_index.el.md b/content/search/_index.el.md
new file mode 100644
index 0000000..fb1bc1b
--- /dev/null
+++ b/content/search/_index.el.md
@@ -0,0 +1,15 @@
++++
+title = "Search"
+sort_by = "date"
+paginate_by = 5
++++
+
+The search feature uses the external search engine DuckDuckGo.
+
+
+
+
diff --git a/content/search/_index.pt.md b/content/search/_index.pt.md
new file mode 100644
index 0000000..fb1bc1b
--- /dev/null
+++ b/content/search/_index.pt.md
@@ -0,0 +1,15 @@
++++
+title = "Search"
+sort_by = "date"
+paginate_by = 5
++++
+
+The search feature uses the external search engine DuckDuckGo.
+
+
+
+
diff --git a/content/search/_index.ru.md b/content/search/_index.ru.md
new file mode 100644
index 0000000..fb1bc1b
--- /dev/null
+++ b/content/search/_index.ru.md
@@ -0,0 +1,15 @@
++++
+title = "Search"
+sort_by = "date"
+paginate_by = 5
++++
+
+The search feature uses the external search engine DuckDuckGo.
+
+
+
+
diff --git a/content/series/_index.el.md b/content/series/_index.el.md
new file mode 100644
index 0000000..7d94894
--- /dev/null
+++ b/content/series/_index.el.md
@@ -0,0 +1,35 @@
++++
+title = "Series"
+description = ""
+sort_by = "date"
+paginate_by = 5
++++
+
+
+
+AnarSec is a resource designed to help anarchists navigate the hostile terrain of technology — defensive guides for digital security and anonymity, as well as offensive guides for hacking. All guides are available in booklet format for printing and will be kept up to date.
+
+## Defensive
+
+### Tails
+* [Tails for Anarchists](/posts/tails/)
+* [Tails Best Practices](/posts/tails-best/)
+
+### Qubes OS
+* [Qubes OS for Anarchists](/posts/qubes/)
+
+### Phones
+* [Kill the Cop in Your Pocket](/posts/nophones/)
+* [GrapheneOS for Anarchists](/posts/grapheneos/)
+
+### General
+* [Linux Essentials](/posts/linux/)
+* [Remove Identifying Metadata From Files](/posts/metadata/)
+* [Encrypted Messaging for Anarchists](/posts/e2ee/)
+* [Make Your Electronics Tamper-Evident](/posts/tamper/)
+
+## Offensive
+
+*Coming soon*
+
+
diff --git a/content/series/_index.pt.md b/content/series/_index.pt.md
new file mode 100644
index 0000000..7d94894
--- /dev/null
+++ b/content/series/_index.pt.md
@@ -0,0 +1,35 @@
++++
+title = "Series"
+description = ""
+sort_by = "date"
+paginate_by = 5
++++
+
+
+
+AnarSec is a resource designed to help anarchists navigate the hostile terrain of technology — defensive guides for digital security and anonymity, as well as offensive guides for hacking. All guides are available in booklet format for printing and will be kept up to date.
+
+## Defensive
+
+### Tails
+* [Tails for Anarchists](/posts/tails/)
+* [Tails Best Practices](/posts/tails-best/)
+
+### Qubes OS
+* [Qubes OS for Anarchists](/posts/qubes/)
+
+### Phones
+* [Kill the Cop in Your Pocket](/posts/nophones/)
+* [GrapheneOS for Anarchists](/posts/grapheneos/)
+
+### General
+* [Linux Essentials](/posts/linux/)
+* [Remove Identifying Metadata From Files](/posts/metadata/)
+* [Encrypted Messaging for Anarchists](/posts/e2ee/)
+* [Make Your Electronics Tamper-Evident](/posts/tamper/)
+
+## Offensive
+
+*Coming soon*
+
+
diff --git a/content/series/_index.ru.md b/content/series/_index.ru.md
new file mode 100644
index 0000000..7d94894
--- /dev/null
+++ b/content/series/_index.ru.md
@@ -0,0 +1,35 @@
++++
+title = "Series"
+description = ""
+sort_by = "date"
+paginate_by = 5
++++
+
+
+
+AnarSec is a resource designed to help anarchists navigate the hostile terrain of technology — defensive guides for digital security and anonymity, as well as offensive guides for hacking. All guides are available in booklet format for printing and will be kept up to date.
+
+## Defensive
+
+### Tails
+* [Tails for Anarchists](/posts/tails/)
+* [Tails Best Practices](/posts/tails-best/)
+
+### Qubes OS
+* [Qubes OS for Anarchists](/posts/qubes/)
+
+### Phones
+* [Kill the Cop in Your Pocket](/posts/nophones/)
+* [GrapheneOS for Anarchists](/posts/grapheneos/)
+
+### General
+* [Linux Essentials](/posts/linux/)
+* [Remove Identifying Metadata From Files](/posts/metadata/)
+* [Encrypted Messaging for Anarchists](/posts/e2ee/)
+* [Make Your Electronics Tamper-Evident](/posts/tamper/)
+
+## Offensive
+
+*Coming soon*
+
+
diff --git a/themes/DeepThought/sass/deep-thought.sass b/themes/DeepThought/sass/deep-thought.sass
index 1c1e828..e80b150 100644
--- a/themes/DeepThought/sass/deep-thought.sass
+++ b/themes/DeepThought/sass/deep-thought.sass
@@ -620,6 +620,7 @@ li.lang-switcher
padding-right: 0.5rem
padding-top: 0.5rem
padding-bottom: 0.5rem
+ cursor: default !important
code
color: #AE3B8B
@@ -675,7 +676,7 @@ body[theme="dark"] .navbar-item:focus
color: black !important
.navbar-item:hover>span>img[theme=dark]:not(.no-dark),
-.navbar-item:hover>details>summary>span>img[theme=dark]:not(.no-dark)
+.navbar-item:hover>summary>span>img[theme=dark]:not(.no-dark)
filter: invert(0) hue-rotate(0deg)
body[theme="dark"] p