Veja todos os guias
diff --git a/content/contact/_index.pt.md b/content/contact/_index.pt.md
index cceb4eb..f947b9b 100644
--- a/content/contact/_index.pt.md
+++ b/content/contact/_index.pt.md
@@ -1,5 +1,5 @@
+++
-title = "Contact"
+title = "Contato"
sort_by = "date"
paginate_by = 5
+++
diff --git a/content/glossary/_index.fr.md b/content/glossary/_index.fr.md
index 9724856..9c750ff 100644
--- a/content/glossary/_index.fr.md
+++ b/content/glossary/_index.fr.md
@@ -20,7 +20,7 @@ Pour plus d'informations, voir [Encrypted Messaging for Anarchists](/posts/e2ee/
### Communication asynchrone
-Au contraire de la [communication synchrone](/fr/glossary/#communication-synchrone), les deux participant·e·s n'ont pas besoin d'être connecté·e·s au même moment. Cela grâce à un serveur qui stocke les messages jusqu'à ce que les destinataires des messages se connectent. C'est le type de communication le plus courant (email, Signal, etc.)
+Au contraire de la [communication synchrone](/fr/glossary/#communication-synchrone), les deux participant·e·s n'ont pas besoin d'être connecté·e·s au même moment. Cela grâce à un serveur qui stocke les messages jusqu'à ce que les destinataires des messages se connectent. C'est le type de communication le plus courant (email, etc.)
### Communication synchrone
@@ -64,21 +64,21 @@ An attacker who “simply” tries every possible key to access a service or dec
### Checksums / Fingerprints
-Checksums are digital fingerprints: small-sized blocks of data derived from another block of digital data for the purpose of detecting any changes that may have been made. For example, when you download an operating system .iso file, a checksum is listed that looks like: `sha512: 9f923361887ac4b1455bc5ae51c06f2457c6d(continued...)`. You can use [hash functions](https://open.oregonstate.education/defenddissent/chapter/cryptographic-hash/) like SHA512 to create fingerprints. Essentially, this mathematical operation converts the 0's and 1's of the file into a unique "fingerprint". Changing a single 1 or 0 results in a completely different fingerprint. It is often important to know if a file has changed, such as when downloading the image file for an operating system. Fingerprints are often used in cryptography (e.g. in certificates or to verify [public keys](/glossary/#public-key-cryptography) in general). GtkHash is a program that allows you to calculate checksums without using a command line interface.
+Checksums are digital fingerprints: small-sized blocks of data derived from another block of digital data for the purpose of detecting any changes that may have been made. For example, when you download an operating system .iso file, a checksum is listed that looks like: `sha512: 9f923361887ac4b1455bc5ae51c06f2457c6d(continued...)`. You can use [hash functions](https://open.oregonstate.education/defenddissent/chapter/cryptographic-hash/) like SHA512 to create fingerprints. Essentially, this mathematical operation converts the 0's and 1's of the file into a unique "fingerprint". Changing a single 1 or 0 results in a completely different fingerprint. It is often important to know if a file has changed, such as when downloading the image file for an operating system. Fingerprints are often used in cryptography (e.g. in certificates or to verify [public keys](/fr/glossary/#public-key-cryptography) in general). GtkHash is a program that allows you to calculate checksums without using a command line interface.
### Command Line Interface (CLI)
-The "command line" is an all-text alternative to the graphical "point and click" tool that most of us are more familiar with; the Command Line Interface (CLI) allows us to do some things that a Graphical User Interface (GUI) does not. Often, either a GUI or a CLI would work, and which you use is a matter of preference. For example, in [Tails](/glossary/#tails), you can verify the [checksum](/glossary/#checksums-fingerprints) of a file using either a GUI (the GtkHash program) or a CLI command (`sha256sum`).
+The "command line" is an all-text alternative to the graphical "point and click" tool that most of us are more familiar with; the Command Line Interface (CLI) allows us to do some things that a Graphical User Interface (GUI) does not. Often, either a GUI or a CLI would work, and which you use is a matter of preference. For example, in [Tails](/fr/glossary/#tails), you can verify the [checksum](/fr/glossary/#checksums-fingerprints) of a file using either a GUI (the GtkHash program) or a CLI command (`sha256sum`).
For more information, see [Linux Essentials](/posts/linux/#the-command-line-interface). The Tech Learning Collective's "Foundations: Linux Journey" course on the [command line](https://techlearningcollective.com/foundations/linux-journey/the-shell) is our recommended introduction to using the CLI/terminal.
### Correlation Attack
-An end-to-end correlation attack is a theoretical way that a global adversary could break the anonymity of the [Tor network](/glossary/#tor-network). For more information, see [Protecting against determined, skilled attackers](/posts/tails-best/#2-protecting-against-determined-skilled-attackers) and [Make Correlation Attacks More Difficult](/posts/tails/#make-correlation-attacks-more-difficult). For research papers on the subject, see [Thirteen Years of Tor Attacks](https://github.com/Attacks-on-Tor/Attacks-on-Tor#correlation-attacks) and the design proposal on [information leaks in Tor](https://spec.torproject.org/proposals/344-protocol-info-leaks.html).
+An end-to-end correlation attack is a theoretical way that a global adversary could break the anonymity of the [Tor network](/fr/glossary/#tor-network). For more information, see [Protecting against determined, skilled attackers](/posts/tails-best/#2-protecting-against-determined-skilled-attackers) and [Make Correlation Attacks More Difficult](/posts/tails/#make-correlation-attacks-more-difficult). For research papers on the subject, see [Thirteen Years of Tor Attacks](https://github.com/Attacks-on-Tor/Attacks-on-Tor#correlation-attacks) and the design proposal on [information leaks in Tor](https://spec.torproject.org/proposals/344-protocol-info-leaks.html).
### CVE
-CVE stands for Common Vulnerabilities and Exposures. It is a globally unique identifier for [security vulnerabilities](/glossary/#vulnerability) in software. Identifiers look like “CVE-YEAR-NUMBER.” The year in the identifier is the year the CVE ID was assigned, not the year the vulnerability was publicly disclosed.
+CVE stands for Common Vulnerabilities and Exposures. It is a globally unique identifier for [security vulnerabilities](/fr/glossary/#vulnerability) in software. Identifiers look like “CVE-YEAR-NUMBER.” The year in the identifier is the year the CVE ID was assigned, not the year the vulnerability was publicly disclosed.
### DDoS Attack
@@ -86,35 +86,35 @@ A Distributed Denial of Service (DDoS) attack attempts to overload or crash the
### Digital Signatures
-Digital signatures are based on [public-key cryptography](/glossary/#public-key-cryptography). A private key is used to digitally sign data, while the corresponding public key is used by third parties to verify the signature. Before a public key is used to verify a signature, its authenticity should be verified.
+Digital signatures are based on [public-key cryptography](/fr/glossary/#public-key-cryptography). A private key is used to digitally sign data, while the corresponding public key is used by third parties to verify the signature. Before a public key is used to verify a signature, its authenticity should be verified.
To learn more, [watch this video](https://www.youtube.com/watch?v=s22eJ1eVLTU&listen=false). For a more detailed look, see [Defend Dissent: Authenticity through Cryptographic Signing](https://open.oregonstate.education/defenddissent/chapter/cryptographic-signing/) or our [GPG explanation](/posts/tails-best/#appendix-gpg-explanation).
### Doxxing
-The publication of private information about an individual or organization is called doxxing. Before publication, the person doing the doxing may use public databases, social media, or [social engineering](/glossary/#social-engineering) to obtain information.
+The publication of private information about an individual or organization is called doxxing. Before publication, the person doing the doxing may use public databases, social media, or [social engineering](/fr/glossary/#social-engineering) to obtain information.
### Encryption
Encryption is the process of scrambling a message so that it can only be unscrambled (and read) by the intended parties. The method you use to scramble the original message, or *plaintext*, is called the *cipher* or *encryption protocol*. In almost all cases, the cipher is not intended to be kept secret. The scrambled, unreadable, encrypted message is called the ciphertext and can be safely shared. Most ciphers require an additional piece of information, called a *cryptographic key*, to encrypt and decrypt (scramble and unscramble) messages.
-For more information, see [symmetric cryptography](/glossary/#symmetric-cryptography), [asymmetric cryptography](/glossary/#public-key-cryptography), or [Defend Dissent: What is Encryption?](https://open.oregonstate.education/defenddissent/chapter/what-is-encryption/)
+For more information, see [symmetric cryptography](/fr/glossary/#symmetric-cryptography), [asymmetric cryptography](/fr/glossary/#public-key-cryptography), or [Defend Dissent: What is Encryption?](https://open.oregonstate.education/defenddissent/chapter/what-is-encryption/)
### Exploit
-An exploit is designed to take advantage of a [vulnerability](/glossary/#vulnerability). Even worse (or better, depending on whether you are the attacker or the target) are [zero-day exploits](/glossary/#zero-day-exploit).
+An exploit is designed to take advantage of a [vulnerability](/fr/glossary/#vulnerability). Even worse (or better, depending on whether you are the attacker or the target) are [zero-day exploits](/fr/glossary/#zero-day-exploit).
### Forward secrecy
-Forward secrecy (FS, also known as “Perfect Forward Secrecy”) combines a system of long-term keys and session keys to protect encrypted communications from future key compromise. An attacker who can record every encrypted message ([man-in-the-middle](/glossary/#man-in-the-middle-attack)) won’t be able to decrypt those messages if the keys are compromised in the future. Modern encryption protocols such as [TLS](/glossary/#https) 1.3 and the Signal Protocol provide FS. For more information, see [Anonymous Planet](https://anonymousplanet.org/guide.html#forward-secrecy).
+Forward secrecy (FS, also known as “Perfect Forward Secrecy”) combines a system of long-term keys and session keys to protect encrypted communications from future key compromise. An attacker who can record every encrypted message ([man-in-the-middle](/fr/glossary/#man-in-the-middle-attack)) won’t be able to decrypt those messages if the keys are compromised in the future. Modern encryption protocols such as [TLS](/fr/glossary/#https) 1.3 and the Signal Protocol provide FS. For more information, see [Anonymous Planet](https://anonymousplanet.org/guide.html#forward-secrecy).
### Full Disk Encryption (FDE)
-FDE means that the entire disk is [encrypted](/glossary/#encryption) until a password is entered when the device is powered on. Not all FDE is created equal. For example, the quality of how FDE is implemented on a phone depends not only on your operating system, but also on your hardware (the model of your phone). FDE uses [symmetric cryptography](/glossary/#symmetric-cryptography), and on Linux it typically uses the [LUKS specification](/glossary/#luks).
+FDE means that the entire disk is [encrypted](/fr/glossary/#encryption) until a password is entered when the device is powered on. Not all FDE is created equal. For example, the quality of how FDE is implemented on a phone depends not only on your operating system, but also on your hardware (the model of your phone). FDE uses [symmetric cryptography](/fr/glossary/#symmetric-cryptography), and on Linux it typically uses the [LUKS specification](/fr/glossary/#luks).
### GnuPG / OpenPGP
-GnuPG (GPG) is a program that implements the OpenPGP (Pretty Good Privacy) standard. GPG provides cryptographic functions for encrypting, decrypting, and signing text and files. It is a classic example of [public-key cryptography](/glossary/#public-key-cryptography). When used with email, [metadata](/glossary/#metadata) (such as email addresses) remains unencrypted. It does not provide [forward secrecy](/glossary/#forward-secrecy).
+GnuPG (GPG) is a program that implements the OpenPGP (Pretty Good Privacy) standard. GPG provides cryptographic functions for encrypting, decrypting, and signing text and files. It is a classic example of [public-key cryptography](/fr/glossary/#public-key-cryptography). When used with email, [metadata](/fr/glossary/#metadata) (such as email addresses) remains unencrypted. It does not provide [forward secrecy](/fr/glossary/#forward-secrecy).
For more information, see [this primer](https://github.com/AnarchoTechNYC/meta/wiki/Pretty-Good-Privacy-%28PGP%29). We don't recommend it for encrypted communications, [here's why](/posts/e2ee/#pgp-email).
@@ -124,17 +124,17 @@ Hardening is a general term for the process of securing systems against attacks.
### HTTPS
-The "S" in HTTPS stands for "secure"; which means that your Internet connection is encrypted using the [Transport Layer Security (TLS)](https://www.youtube.com/watch?v=0TLDTodL7Lc&listen=false) protocol. This involves the website generating a certificate using [public-key cryptography](/glossary/#public-key-cryptography) that can be used to verify its authenticity — that you are actually connecting to the web server you intended, and that this connection is encrypted.
+The "S" in HTTPS stands for "secure"; which means that your Internet connection is encrypted using the [Transport Layer Security (TLS)](https://www.youtube.com/watch?v=0TLDTodL7Lc&listen=false) protocol. This involves the website generating a certificate using [public-key cryptography](/fr/glossary/#public-key-cryptography) that can be used to verify its authenticity — that you are actually connecting to the web server you intended, and that this connection is encrypted.
For more information, see [our explanation](/posts/tails/#what-is-https) or [Defend Dissent: Protecting Your Communications](https://open.oregonstate.education/defenddissent/chapter/protecting-your-communications/).
### Linux
-Linux is an [open-source](/glossary/#open-source) "kernel" upon which operating systems are built. Unlike Windows or macOS, there are many flavors of Linux operating systems. For example, Ubuntu, Kali, and Tails are based on Debian. Manjaro is based on Arch. For more information, see [Linux Essentials](/posts/linux).
+Linux is an [open-source](/fr/glossary/#open-source) "kernel" upon which operating systems are built. Unlike Windows or macOS, there are many flavors of Linux operating systems. For example, Ubuntu, Kali, and Tails are based on Debian. Manjaro is based on Arch. For more information, see [Linux Essentials](/posts/linux).
### LUKS
-The [Linux Unified Key Setup (LUKS)](https://gitlab.com/cryptsetup/cryptsetup) is a platform-independent specification for disk encryption. It is the standard used in [Tails](/glossary/#tails), [Qubes OS](/glossary/#qubes-os), Ubuntu, etc. LUKS encryption is only effective when the device is powered off. LUKS should use [Argon2id](/posts/tails-best/#passwords) to make it less vulnerable to brute-force attacks.
+The [Linux Unified Key Setup (LUKS)](https://gitlab.com/cryptsetup/cryptsetup) is a platform-independent specification for disk encryption. It is the standard used in [Tails](/fr/glossary/#tails), [Qubes OS](/fr/glossary/#qubes-os), Ubuntu, etc. LUKS encryption is only effective when the device is powered off. LUKS should use [Argon2id](/posts/tails-best/#passwords) to make it less vulnerable to brute-force attacks.
### Malware
@@ -152,7 +152,7 @@ The only software we can trust because the "source code" that it is written in i
### Passphrase
-A passphrase is similar to a [password](/glossary/#password), but is made up of words instead of random characters.
+A passphrase is similar to a [password](/fr/glossary/#password), but is made up of words instead of random characters.
### Password
@@ -162,11 +162,11 @@ For more information, see [Defend Dissent: Passwords](https://open.oregonstate.e
### Phishing
-Phishing is a technique of [social engineering](/glossary/#social-engineering). Attackers send SMS messages, emails, chat messages, etc. to their targets to get their personal information. The attackers can then try to impersonate their victims. It can also be used to get the victim to download [malware](/glossary/#malware) onto a system, which can be used as a starting point for hacking. [Spear phishing](/glossary/#spear-phishing) is a more sophisticated form of phishing. For more information, see the [Kicksecure documentation](https://www.kicksecure.com/wiki/Social_Engineering).
+Phishing is a technique of [social engineering](/fr/glossary/#social-engineering). Attackers send SMS messages, emails, chat messages, etc. to their targets to get their personal information. The attackers can then try to impersonate their victims. It can also be used to get the victim to download [malware](/fr/glossary/#malware) onto a system, which can be used as a starting point for hacking. [Spear phishing](/fr/glossary/#spear-phishing) is a more sophisticated form of phishing. For more information, see the [Kicksecure documentation](https://www.kicksecure.com/wiki/Social_Engineering).
### Physical attacks
-A physical attack is a situation where an adversary first gains physical access to your device through loss, theft, or confiscation. For example, your phone may be confiscated when you cross a border or are arrested. This is in contrast to a [remote attack](/glossary/#remote-attacks).
+A physical attack is a situation where an adversary first gains physical access to your device through loss, theft, or confiscation. For example, your phone may be confiscated when you cross a border or are arrested. This is in contrast to a [remote attack](/fr/glossary/#remote-attacks).
For more information, see [Making Your Electronics Tamper-Evident](/posts/tamper), the [Threat Library](https://notrace.how/threat-library/techniques/targeted-digital-surveillance/physical-access.html), the [KickSecure documentation](https://www.kicksecure.com/wiki/Protection_Against_Physical_Attacks), and [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
@@ -176,25 +176,25 @@ Plausible deniability can be a security objective. It is achieved when you can
### Public-key cryptography
-Public-key cryptography (or asymmetric cryptography) is the opposite of [symmetric cryptography](/glossary/#symmetric-cryptography). Each party has two keys (public and private). The private key must be kept secret and is used for decryption; the public key must be made public, and is used for encryption. This is the model used for encrypted communication, since the public key cannot be used for decryption. All other parties must verify that a published public key belongs to its intended owner to avoid [man-in-the-middle attacks](/glossary/#man-in-the-middle-attack).
+Public-key cryptography (or asymmetric cryptography) is the opposite of [symmetric cryptography](/fr/glossary/#symmetric-cryptography). Each party has two keys (public and private). The private key must be kept secret and is used for decryption; the public key must be made public, and is used for encryption. This is the model used for encrypted communication, since the public key cannot be used for decryption. All other parties must verify that a published public key belongs to its intended owner to avoid [man-in-the-middle attacks](/fr/glossary/#man-in-the-middle-attack).
-There are several approaches to public-key cryptography. For example, some cryptosystems are based on the algebraic structure of elliptic curves over finite fields (ECC). Others are based on the difficulty of factoring the product of two large prime numbers (RSA). Public-key cryptography can also be used for [digital signatures](/glossary/#digital-signatures).
+There are several approaches to public-key cryptography. For example, some cryptosystems are based on the algebraic structure of elliptic curves over finite fields (ECC). Others are based on the difficulty of factoring the product of two large prime numbers (RSA). Public-key cryptography can also be used for [digital signatures](/fr/glossary/#digital-signatures).
To learn more, watch [this video](https://www.youtube.com/watch?v=GSIDS_lvRv4), or for a more detailed look, see [Defend Dissent: Public-Key Cryptography](https://open.oregonstate.education/defenddissent/chapter/public-key-cryptography/).
### Qubes OS
-You can think of [Qubes OS](https://www.qubes-os.org/) as Linux + [virtual machines](/glossary/#virtual-machine-vm). We [recommend](/recommendations) it as an everyday operating system for intermediate Linux users.
+You can think of [Qubes OS](https://www.qubes-os.org/) as Linux + [virtual machines](/fr/glossary/#virtual-machine-vm). We [recommend](/recommendations) it as an everyday operating system for intermediate Linux users.
### Remote attacks
-By remote attack, we mean that an adversary would access the data on your phone or laptop through an Internet or data connection. There are companies that develop and sell the ability to infect your device (usually focusing on smartphones) with [malware](/glossary/#malware) that would allow their customer (your adversary, be it a corporate or state agent) to remotely access some or all of your information. This is in contrast to a [physical attack](/glossary/#physical-attacks).
+By remote attack, we mean that an adversary would access the data on your phone or laptop through an Internet or data connection. There are companies that develop and sell the ability to infect your device (usually focusing on smartphones) with [malware](/fr/glossary/#malware) that would allow their customer (your adversary, be it a corporate or state agent) to remotely access some or all of your information. This is in contrast to a [physical attack](/fr/glossary/#physical-attacks).
For a more detailed look, see [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
### Sandboxing
-Sandboxing is the software-based isolation of applications to mitigate system failures or vulnerabilities. For example, if an attacker hacks an application that is "sandboxed", the attacker must escape the sandbox to hack the entire system. [Virtualization](/glossary/#virtualization) is the most powerful implementation of sandboxing.
+Sandboxing is the software-based isolation of applications to mitigate system failures or vulnerabilities. For example, if an attacker hacks an application that is "sandboxed", the attacker must escape the sandbox to hack the entire system. [Virtualization](/fr/glossary/#virtualization) is the most powerful implementation of sandboxing.
### Security goal
@@ -202,11 +202,11 @@ Security goals are concepts in information security that define what needs to be
### Social engineering
-Social engineering is a general term for the psychological manipulation of people to perform actions. Social engineering doesn't depend on technology; it's quite common in everyday life. For example, children cry to manipulate their parents; commercials manipulate their viewers. In information security, [phishing](/glossary/#phishing) is a common social engineering technique.
+Social engineering is a general term for the psychological manipulation of people to perform actions. Social engineering doesn't depend on technology; it's quite common in everyday life. For example, children cry to manipulate their parents; commercials manipulate their viewers. In information security, [phishing](/fr/glossary/#phishing) is a common social engineering technique.
### Spear phishing
-Spear phishing is more sophisticated than regular [phishing](/glossary/#phishing), which casts a wide net. In spear phishing, attackers customize their forged messages and send them to a smaller number of potential victims. Spear phishing requires more research on the part of the attacker; however, the success rate of spear phishing attacks is higher than the success rate of regular phishing attacks.
+Spear phishing is more sophisticated than regular [phishing](/fr/glossary/#phishing), which casts a wide net. In spear phishing, attackers customize their forged messages and send them to a smaller number of potential victims. Spear phishing requires more research on the part of the attacker; however, the success rate of spear phishing attacks is higher than the success rate of regular phishing attacks.
### Supply-chain attack
@@ -214,23 +214,23 @@ A supply-chain attack can affect any user of hardware or software components. At
### Symmetric cryptography
-Symmetric cryptography is the opposite of [public-key cryptography](/glossary/#public-key-cryptography). Two parties need the same private key to communicate with each other. They both use this key to encrypt and decrypt data. Symmetric cryptography is faster than public-key cryptography, but you must exchange keys securely. AES is a well-known example of symmetric cryptography. This is the model used for [Full Disk Encryption](/glossary/#full-disk-encryption-fde) (e.g. used by [LUKS](/glossary/#luks) in Linux Full Disk Encryption).
+Symmetric cryptography is the opposite of [public-key cryptography](/fr/glossary/#public-key-cryptography). Two parties need the same private key to communicate with each other. They both use this key to encrypt and decrypt data. Symmetric cryptography is faster than public-key cryptography, but you must exchange keys securely. AES is a well-known example of symmetric cryptography. This is the model used for [Full Disk Encryption](/fr/glossary/#full-disk-encryption-fde) (e.g. used by [LUKS](/fr/glossary/#luks) in Linux Full Disk Encryption).
### Tails
Tails is an operating system that makes secure and anonymous computer use accessible to everyone. Tails runs from a USB drive and is designed to leave no trace of your activity on your computer unless you explicitly want it to.
-Tails uses the [Tor anonymity network](/glossary/#tor-network) to protect your privacy online; all software is configured to connect to the Internet through Tor. If an application tries to connect to the Internet directly, it is automatically blocked for security reasons.
+Tails uses the [Tor anonymity network](/fr/glossary/#tor-network) to protect your privacy online; all software is configured to connect to the Internet through Tor. If an application tries to connect to the Internet directly, it is automatically blocked for security reasons.
For more information, see [Tails for Anarchists](/posts/tails).
### Virtualization
-Virtualization is a technology that creates a virtual version of something, including virtual computer hardware. A [Virtual Machine](/glossary/#virtual-machine-vm) takes advantage of this technology.
+Virtualization is a technology that creates a virtual version of something, including virtual computer hardware. A [Virtual Machine](/fr/glossary/#virtual-machine-vm) takes advantage of this technology.
### Virtual Machine (VM)
-A virtual machine is a [virtualization](/glossary/#virtualization)/emulation of a computer system. Virtual machines are based on computer architectures and provide the functionality of a physical computer. This can provide the security benefit of [sandboxing](/glossary/#sandboxing). [Qubes OS](/glossary/#qubes-os) consists of VMs that [run directly on the hardware](https://www.qubes-os.org/faq/#how-does-qubes-os-compare-to-running-vms-in-a-conventional-os) (referred to as "bare metal"). According to the Qubes project, "virtualization is currently the only practically viable approach to implementing strong isolation while simultaneously providing compatibility with existing applications and drivers."
+A virtual machine is a [virtualization](/fr/glossary/#virtualization)/emulation of a computer system. Virtual machines are based on computer architectures and provide the functionality of a physical computer. This can provide the security benefit of [sandboxing](/fr/glossary/#sandboxing). [Qubes OS](/fr/glossary/#qubes-os) consists of VMs that [run directly on the hardware](https://www.qubes-os.org/faq/#how-does-qubes-os-compare-to-running-vms-in-a-conventional-os) (referred to as "bare metal"). According to the Qubes project, "virtualization is currently the only practically viable approach to implementing strong isolation while simultaneously providing compatibility with existing applications and drivers."
### VPN (Virtual Private Network)
@@ -240,14 +240,14 @@ In other words, it is a technology that essentially makes it appear that you are
It is important to emphasize this to cut through the widespread marketing hype; [a VPN is not enough to keep you anonymous](https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me/). Using a VPN can be thought of as simply shifting your trust from a local Internet Service Provider which is guaranteed to be a snitch to a remote company that claims to limit its ability to effectively snitch on you.
-For more information, see [Privacy Guides](https://www.privacyguides.org/en/basics/vpn-overview/), and for an excellent comparison of a VPN and [Tor](/glossary/#tor-network), see [Defend Dissent: Anonymous Routing](https://open.oregonstate.education/defenddissent/chapter/anonymous-routing/).
+For more information, see [Privacy Guides](https://www.privacyguides.org/en/basics/vpn-overview/), and for an excellent comparison of a VPN and [Tor](/fr/glossary/#tor-network), see [Defend Dissent: Anonymous Routing](https://open.oregonstate.education/defenddissent/chapter/anonymous-routing/).
### Vulnerability
-Vulnerabilities are [exploitable](/glossary/#exploit) security flaws in software or hardware. Well-known vulnerabilities have names like Heartbleed, Shellshock, Spectre, or Stagefright and at least one [CVE](/glossary/#cve) identifier. Vulnerabilities don't always have exploits. A popular vulnerability severity rating system is [CVSS](https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System).
+Vulnerabilities are [exploitable](/fr/glossary/#exploit) security flaws in software or hardware. Well-known vulnerabilities have names like Heartbleed, Shellshock, Spectre, or Stagefright and at least one [CVE](/fr/glossary/#cve) identifier. Vulnerabilities don't always have exploits. A popular vulnerability severity rating system is [CVSS](https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System).
### Zero-day exploit
-A zero-day [exploit](/glossary/#exploit) is unknown to the public, the vendor, or other parties that would normally mitigate it. As a result, it is extremely powerful and highly valued. Governments can either develop their own zero-day exploits or purchase them from a [zero-day broker](https://www.wired.com/story/untold-history-americas-zero-day-market/).
+A zero-day [exploit](/fr/glossary/#exploit) is unknown to the public, the vendor, or other parties that would normally mitigate it. As a result, it is extremely powerful and highly valued. Governments can either develop their own zero-day exploits or purchase them from a [zero-day broker](https://www.wired.com/story/untold-history-americas-zero-day-market/).
diff --git a/content/glossary/_index.md b/content/glossary/_index.md
index a6ab73e..a83e2aa 100644
--- a/content/glossary/_index.md
+++ b/content/glossary/_index.md
@@ -10,7 +10,7 @@ paginate_by = 5
### Asynchronous Communication
-Unlike [synchronous communication](/glossary/#synchronous-communication), both parties do not need to be online at the same time. This relies on some sort of server to store messages until the message recipients come online. This is the type of messaging that most people are familiar with (email, Signal, etc.).
+Unlike [synchronous communication](/glossary/#synchronous-communication), both parties do not need to be online at the same time. This relies on some sort of server to store messages until the message recipients come online. This is the type of messaging that most people are familiar with (email, etc.).
### Backdoor
diff --git a/content/glossary/_index.pt.md b/content/glossary/_index.pt.md
index a6ab73e..60bbb33 100644
--- a/content/glossary/_index.pt.md
+++ b/content/glossary/_index.pt.md
@@ -1,16 +1,58 @@
+++
-title = "Glossary"
+title = "Glossário"
sort_by = "date"
paginate_by = 5
+++
-> This glossary defines terms commonly used in AnarSec articles.
+> Este glossário define termos usados frequentemente em artigos da AnarSec
-### Asynchronous Communication
+### Autenticação de Dois Fatores (2FA)
-Unlike [synchronous communication](/glossary/#synchronous-communication), both parties do not need to be online at the same time. This relies on some sort of server to store messages until the message recipients come online. This is the type of messaging that most people are familiar with (email, Signal, etc.).
+A autentificação de dois fatores (ou “2FA”) é uma forma do usuário se autoidentificar para um serviço, pedindo a combinação de dois métodos diferentes de autenticação. Estes podem ser algo que o usuário saiba (como uma senha ou PIN) ou algo que o usuário possui (como um token de hardware ou telefone celular).
+
+### Comunicação Assíncrona
+
+Diferente da [comunicação sincrônica](/pt/glossary/#comunicacao-sincronica), ambas as partes não precisam estar online ao mesmo tempo. Isso depende de algum tipo de servidor para armazenar as mensagens até que o recipiente esteja online. A maioria das pessoas conhecem bem este tipo de mensageiro (e-mail, etc.).
+
+### Comunicação Sincrônica
+
+Diferente de [comunicações assíncronas](/pt/glossary/#comunicacao-assincrona), ambas as partes devem estar online ao mesmo tempo. Isso não exige servidores para comunicação e geralmente é chamado de “par a par”.
+
+### Criptografia de Ponta A ponta
+
+Dados são [criptografados](/pt/glossary/#encryption) conforme viajam de um dispositivo para o outro — de ponta a ponta — e não pode ser descriptografado por nenhum intermediário. A criptografia só pode ser realizada por uma das pontas. Isso é diferente de “criptografia passiva”, como a [Criptografia Total de Disco](/pt/glossary/#full-disk-encryption-fde), onde os dados armazenados no seu dispositivo é criptografado quando seu dispositivo é desligado. Ambos são importantes!
+
+Para mais informações, confira [Encrypted Messaging for Anarchists](/posts/e2ee), e [Defend Dissent: Protecting Your Communications](https://open.oregonstate.education/defenddissent/chapter/protecting-your-communications/).
+
+### Metadados
+
+Metadados são dados que oferecem informações sobre outros dados. Por exemplo, um arquivo JPG contém a imagem (JPG) mas pode também conter metadados como a data que o arquivo foi criado, o tipo de câmera, coordenadas de GPS, e afins. Metadados podem ser valiosos para inimigos (para encontrar brechas em softwares desatualizados que o alvo esteja utilizando), agências do governo (para coletar informações sobre pessoas, para criar gráficos estatísticos), e outros grupos (para publicidade direcionada baseada na localização).Toda vez que você está usando um computador. Você provavelmente está deixando metadados para trás.
+
+Para mais informações, veja [Remove Identifying Metadata From Files](/posts/metadata) e [Defend Dissent: Metadata](https://open.oregonstate.education/defenddissent/chapter/metadata/).
+
+### Modelagem de Ameaças
+
+Modelagem de ameaças são um conjunto de atividades para melhorar a segurança através da identificação de uma série de adversários e [objetivos de segurança](/pt/glossary/#security-goal), e [vulnerabilidades](/pt/glossary/#vulnerability), e então definindo contramedidas para prevenir ou mitigar os efeitos das ameaças ao sistema. Uma ameaça é um evento indesejável, real ou potencial, que pode sr malicioso (como um [ataque DDoS](/pt/glossary/#ddos-attack)) ou acidental (como a falha de um drive). Modelagem de ameças é a atividade pensada para identificar e acessar ameaças e vulnerabilidades.
+
+Para mais informações, veja a [Biblioteca de Riscos do No Trace Project](https://notrace.how/threat-library/), [Defend Dissent: Digital Threats to Social Movements](https://open.oregonstate.education/defenddissent/chapter/digital-threats/) e [Defending against Surveillance and Suppression](https://open.oregonstate.education/defenddissent/chapter/surveillance-and-suppression/).
+
+### Rede Tor
+
+[Tor](https://www.torproject.org/) (sigla para The Onion Router) é uma rede aberta e distribuída que ajuda na defesa ontra anáalise de tráfego. O Tor te protege ao enviar suas comunicações através de uma rede de repetidores de sinais mantidos por voluntários ao redor do mundo: isso previne que alguém monitore sua conexão de Internet para descobrir quais sites você visita, e impede o operador destes sites de descobrirem sua localização física.
+
+Todo site visitado através da rede Tor passa por três repetidores. Repetidores são servidores hospedados por diversas pessoas e organizações ao redor do mundo. Nenhum repetidor sabe de onde a conexão criptografada está vindo ou para onde está indo. Um trecho de um relatório altamente confidencial vazado da NSA, chama o Tor de “o rei da alta segurança, e anonimidade na internet” e “sem competidores para o trono”. A rede Tor pode ser acessada através do Navegador Tor em qualquer sistema operacional. O sistema operacional do [Tails](/pt/glossary/#tails) força todos os programas a usarem a rede Tor quando acessa a Internet.
+
+Para mais informações, veja [Tails for Anarchists](/posts/tails/#tor) e [Privacy Guides](https://www.privacyguides.org/en/advanced/tor-overview/). Para compreender as limitações do Tor, veja a documentação do [Whonix](https://www.whonix.org/wiki/Warning).
+
+### Sistemas Operacionais (OS)
+
+Os sistemas de software que operam seu dispositivo antes de qualquer outro software. Alguns exemplos comuns incluem Windows, macOS, Linux, Android, e iOS. Linux e algumas versões do Android são as únicas opções de código aberto nesta lista.
+
+### VoIP (Voice over Internet Protocol)
+
+Google Voice é um serviço VoIP bastante conhecido e pouco seguro; essa tecnologia dirige suas chamadas para internet (como o Signal faz) invés de usar as transmissões normais de torres de celular. Diferente do Signal, o VoIP permite que você receba chamadas de qualquer um, não apenas de outros usuários do Signal. A vantagem de usar VoIP para chamadas, invés de plano de dados, é que você pode criar diferentes números para diferentes atividades (um para contas, um para logar m uma conta do Signal, etc.), e você nunca precisa desligar o Modo Avião. A vantagem de usar plano de dados, é que você pode usá-lo fora do Wi-Fi, às custas da geolocalização (ou seja, será possível que sua operadora e possivelmente outras partes, descubram onde seu serviço está a qualquer momento).
### Backdoor
@@ -22,21 +64,21 @@ An attacker who “simply” tries every possible key to access a service or dec
### Checksums / Fingerprints
-Checksums are digital fingerprints: small-sized blocks of data derived from another block of digital data for the purpose of detecting any changes that may have been made. For example, when you download an operating system .iso file, a checksum is listed that looks like: `sha512: 9f923361887ac4b1455bc5ae51c06f2457c6d(continued...)`. You can use [hash functions](https://open.oregonstate.education/defenddissent/chapter/cryptographic-hash/) like SHA512 to create fingerprints. Essentially, this mathematical operation converts the 0's and 1's of the file into a unique "fingerprint". Changing a single 1 or 0 results in a completely different fingerprint. It is often important to know if a file has changed, such as when downloading the image file for an operating system. Fingerprints are often used in cryptography (e.g. in certificates or to verify [public keys](/glossary/#public-key-cryptography) in general). GtkHash is a program that allows you to calculate checksums without using a command line interface.
+Checksums are digital fingerprints: small-sized blocks of data derived from another block of digital data for the purpose of detecting any changes that may have been made. For example, when you download an operating system .iso file, a checksum is listed that looks like: `sha512: 9f923361887ac4b1455bc5ae51c06f2457c6d(continued...)`. You can use [hash functions](https://open.oregonstate.education/defenddissent/chapter/cryptographic-hash/) like SHA512 to create fingerprints. Essentially, this mathematical operation converts the 0's and 1's of the file into a unique "fingerprint". Changing a single 1 or 0 results in a completely different fingerprint. It is often important to know if a file has changed, such as when downloading the image file for an operating system. Fingerprints are often used in cryptography (e.g. in certificates or to verify [public keys](/pt/glossary/#public-key-cryptography) in general). GtkHash is a program that allows you to calculate checksums without using a command line interface.
### Command Line Interface (CLI)
-The "command line" is an all-text alternative to the graphical "point and click" tool that most of us are more familiar with; the Command Line Interface (CLI) allows us to do some things that a Graphical User Interface (GUI) does not. Often, either a GUI or a CLI would work, and which you use is a matter of preference. For example, in [Tails](/glossary/#tails), you can verify the [checksum](/glossary/#checksums-fingerprints) of a file using either a GUI (the GtkHash program) or a CLI command (`sha256sum`).
+The "command line" is an all-text alternative to the graphical "point and click" tool that most of us are more familiar with; the Command Line Interface (CLI) allows us to do some things that a Graphical User Interface (GUI) does not. Often, either a GUI or a CLI would work, and which you use is a matter of preference. For example, in [Tails](/pt/glossary/#tails), you can verify the [checksum](/pt/glossary/#checksums-fingerprints) of a file using either a GUI (the GtkHash program) or a CLI command (`sha256sum`).
For more information, see [Linux Essentials](/posts/linux/#the-command-line-interface). The Tech Learning Collective's "Foundations: Linux Journey" course on the [command line](https://techlearningcollective.com/foundations/linux-journey/the-shell) is our recommended introduction to using the CLI/terminal.
### Correlation Attack
-An end-to-end correlation attack is a theoretical way that a global adversary could break the anonymity of the [Tor network](/glossary/#tor-network). For more information, see [Protecting against determined, skilled attackers](/posts/tails-best/#2-protecting-against-determined-skilled-attackers) and [Make Correlation Attacks More Difficult](/posts/tails/#make-correlation-attacks-more-difficult). For research papers on the subject, see [Thirteen Years of Tor Attacks](https://github.com/Attacks-on-Tor/Attacks-on-Tor#correlation-attacks) and the design proposal on [information leaks in Tor](https://spec.torproject.org/proposals/344-protocol-info-leaks.html).
+An end-to-end correlation attack is a theoretical way that a global adversary could break the anonymity of the [Tor network](/pt/glossary/#tor-network). For more information, see [Protecting against determined, skilled attackers](/posts/tails-best/#2-protecting-against-determined-skilled-attackers) and [Make Correlation Attacks More Difficult](/posts/tails/#make-correlation-attacks-more-difficult). For research papers on the subject, see [Thirteen Years of Tor Attacks](https://github.com/Attacks-on-Tor/Attacks-on-Tor#correlation-attacks) and the design proposal on [information leaks in Tor](https://spec.torproject.org/proposals/344-protocol-info-leaks.html).
### CVE
-CVE stands for Common Vulnerabilities and Exposures. It is a globally unique identifier for [security vulnerabilities](/glossary/#vulnerability) in software. Identifiers look like “CVE-YEAR-NUMBER.” The year in the identifier is the year the CVE ID was assigned, not the year the vulnerability was publicly disclosed.
+CVE stands for Common Vulnerabilities and Exposures. It is a globally unique identifier for [security vulnerabilities](/pt/glossary/#vulnerability) in software. Identifiers look like “CVE-YEAR-NUMBER.” The year in the identifier is the year the CVE ID was assigned, not the year the vulnerability was publicly disclosed.
### DDoS Attack
@@ -44,41 +86,35 @@ A Distributed Denial of Service (DDoS) attack attempts to overload or crash the
### Digital Signatures
-Digital signatures are based on [public-key cryptography](/glossary/#public-key-cryptography). A private key is used to digitally sign data, while the corresponding public key is used by third parties to verify the signature. Before a public key is used to verify a signature, its authenticity should be verified.
+Digital signatures are based on [public-key cryptography](/pt/glossary/#public-key-cryptography). A private key is used to digitally sign data, while the corresponding public key is used by third parties to verify the signature. Before a public key is used to verify a signature, its authenticity should be verified.
To learn more, [watch this video](https://www.youtube.com/watch?v=s22eJ1eVLTU&listen=false). For a more detailed look, see [Defend Dissent: Authenticity through Cryptographic Signing](https://open.oregonstate.education/defenddissent/chapter/cryptographic-signing/) or our [GPG explanation](/posts/tails-best/#appendix-gpg-explanation).
### Doxxing
-The publication of private information about an individual or organization is called doxxing. Before publication, the person doing the doxing may use public databases, social media, or [social engineering](/glossary/#social-engineering) to obtain information.
+The publication of private information about an individual or organization is called doxxing. Before publication, the person doing the doxing may use public databases, social media, or [social engineering](/pt/glossary/#social-engineering) to obtain information.
### Encryption
Encryption is the process of scrambling a message so that it can only be unscrambled (and read) by the intended parties. The method you use to scramble the original message, or *plaintext*, is called the *cipher* or *encryption protocol*. In almost all cases, the cipher is not intended to be kept secret. The scrambled, unreadable, encrypted message is called the ciphertext and can be safely shared. Most ciphers require an additional piece of information, called a *cryptographic key*, to encrypt and decrypt (scramble and unscramble) messages.
-For more information, see [symmetric cryptography](/glossary/#symmetric-cryptography), [asymmetric cryptography](/glossary/#public-key-cryptography), or [Defend Dissent: What is Encryption?](https://open.oregonstate.education/defenddissent/chapter/what-is-encryption/)
-
-### End-to-end encryption (e2ee)
-
-Data is [encrypted](/glossary/#encryption) as it travels from one device to another — endpoint to endpoint — and cannot be decrypted by any intermediary. It can only be decrypted by the endpoints. This is different from "encryption at rest", such as [Full Disk Encryption](/glossary/#full-disk-encryption-fde), where the data stored on your device is encrypted when the device is turned off. Both are important!
-
-For more information, check out [Encrypted Messaging for Anarchists](/posts/e2ee), and [Defend Dissent: Protecting Your Communications](https://open.oregonstate.education/defenddissent/chapter/protecting-your-communications/).
+For more information, see [symmetric cryptography](/pt/glossary/#symmetric-cryptography), [asymmetric cryptography](/pt/glossary/#public-key-cryptography), or [Defend Dissent: What is Encryption?](https://open.oregonstate.education/defenddissent/chapter/what-is-encryption/)
### Exploit
-An exploit is designed to take advantage of a [vulnerability](/glossary/#vulnerability). Even worse (or better, depending on whether you are the attacker or the target) are [zero-day exploits](/glossary/#zero-day-exploit).
+An exploit is designed to take advantage of a [vulnerability](/pt/glossary/#vulnerability). Even worse (or better, depending on whether you are the attacker or the target) are [zero-day exploits](/pt/glossary/#zero-day-exploit).
### Forward secrecy
-Forward secrecy (FS, also known as “Perfect Forward Secrecy”) combines a system of long-term keys and session keys to protect encrypted communications from future key compromise. An attacker who can record every encrypted message ([man-in-the-middle](/glossary/#man-in-the-middle-attack)) won’t be able to decrypt those messages if the keys are compromised in the future. Modern encryption protocols such as [TLS](/glossary/#https) 1.3 and the Signal Protocol provide FS. For more information, see [Anonymous Planet](https://anonymousplanet.org/guide.html#forward-secrecy).
+Forward secrecy (FS, also known as “Perfect Forward Secrecy”) combines a system of long-term keys and session keys to protect encrypted communications from future key compromise. An attacker who can record every encrypted message ([man-in-the-middle](/pt/glossary/#man-in-the-middle-attack)) won’t be able to decrypt those messages if the keys are compromised in the future. Modern encryption protocols such as [TLS](/pt/glossary/#https) 1.3 and the Signal Protocol provide FS. For more information, see [Anonymous Planet](https://anonymousplanet.org/guide.html#forward-secrecy).
### Full Disk Encryption (FDE)
-FDE means that the entire disk is [encrypted](/glossary/#encryption) until a password is entered when the device is powered on. Not all FDE is created equal. For example, the quality of how FDE is implemented on a phone depends not only on your operating system, but also on your hardware (the model of your phone). FDE uses [symmetric cryptography](/glossary/#symmetric-cryptography), and on Linux it typically uses the [LUKS specification](/glossary/#luks).
+FDE means that the entire disk is [encrypted](/pt/glossary/#encryption) until a password is entered when the device is powered on. Not all FDE is created equal. For example, the quality of how FDE is implemented on a phone depends not only on your operating system, but also on your hardware (the model of your phone). FDE uses [symmetric cryptography](/pt/glossary/#symmetric-cryptography), and on Linux it typically uses the [LUKS specification](/pt/glossary/#luks).
### GnuPG / OpenPGP
-GnuPG (GPG) is a program that implements the OpenPGP (Pretty Good Privacy) standard. GPG provides cryptographic functions for encrypting, decrypting, and signing text and files. It is a classic example of [public-key cryptography](/glossary/#public-key-cryptography). When used with email, [metadata](/glossary/#metadata) (such as email addresses) remains unencrypted. It does not provide [forward secrecy](/glossary/#forward-secrecy).
+GnuPG (GPG) is a program that implements the OpenPGP (Pretty Good Privacy) standard. GPG provides cryptographic functions for encrypting, decrypting, and signing text and files. It is a classic example of [public-key cryptography](/pt/glossary/#public-key-cryptography). When used with email, [metadata](/pt/glossary/#metadata) (such as email addresses) remains unencrypted. It does not provide [forward secrecy](/pt/glossary/#forward-secrecy).
For more information, see [this primer](https://github.com/AnarchoTechNYC/meta/wiki/Pretty-Good-Privacy-%28PGP%29). We don't recommend it for encrypted communications, [here's why](/posts/e2ee/#pgp-email).
@@ -88,17 +124,17 @@ Hardening is a general term for the process of securing systems against attacks.
### HTTPS
-The "S" in HTTPS stands for "secure"; which means that your Internet connection is encrypted using the [Transport Layer Security (TLS)](https://www.youtube.com/watch?v=0TLDTodL7Lc&listen=false) protocol. This involves the website generating a certificate using [public-key cryptography](/glossary/#public-key-cryptography) that can be used to verify its authenticity — that you are actually connecting to the web server you intended, and that this connection is encrypted.
+The "S" in HTTPS stands for "secure"; which means that your Internet connection is encrypted using the [Transport Layer Security (TLS)](https://www.youtube.com/watch?v=0TLDTodL7Lc&listen=false) protocol. This involves the website generating a certificate using [public-key cryptography](/pt/glossary/#public-key-cryptography) that can be used to verify its authenticity — that you are actually connecting to the web server you intended, and that this connection is encrypted.
For more information, see [our explanation](/posts/tails/#what-is-https) or [Defend Dissent: Protecting Your Communications](https://open.oregonstate.education/defenddissent/chapter/protecting-your-communications/).
### Linux
-Linux is an [open-source](/glossary/#open-source) "kernel" upon which operating systems are built. Unlike Windows or macOS, there are many flavors of Linux operating systems. For example, Ubuntu, Kali, and Tails are based on Debian. Manjaro is based on Arch. For more information, see [Linux Essentials](/posts/linux).
+Linux is an [open-source](/pt/glossary/#open-source) "kernel" upon which operating systems are built. Unlike Windows or macOS, there are many flavors of Linux operating systems. For example, Ubuntu, Kali, and Tails are based on Debian. Manjaro is based on Arch. For more information, see [Linux Essentials](/posts/linux).
### LUKS
-The [Linux Unified Key Setup (LUKS)](https://gitlab.com/cryptsetup/cryptsetup) is a platform-independent specification for disk encryption. It is the standard used in [Tails](/glossary/#tails), [Qubes OS](/glossary/#qubes-os), Ubuntu, etc. LUKS encryption is only effective when the device is powered off. LUKS should use [Argon2id](/posts/tails-best/#passwords) to make it less vulnerable to brute-force attacks.
+The [Linux Unified Key Setup (LUKS)](https://gitlab.com/cryptsetup/cryptsetup) is a platform-independent specification for disk encryption. It is the standard used in [Tails](/pt/glossary/#tails), [Qubes OS](/pt/glossary/#qubes-os), Ubuntu, etc. LUKS encryption is only effective when the device is powered off. LUKS should use [Argon2id](/posts/tails-best/#passwords) to make it less vulnerable to brute-force attacks.
### Malware
@@ -110,23 +146,13 @@ An example of a man-in-the-middle attack is when Alice communicates with Bob ove
For a more detailed look, see [Defend Dissent: The Man in the Middle](https://open.oregonstate.education/defenddissent/chapter/the-man-in-the-middle/) and the [Whonix documentation](https://www.whonix.org/wiki/Warning#Man-in-the-middle_Attacks).
-### Metadata
-
-Metadata is data that provides information about other data. For example, a JPG file contains the actual image (data) but it may also contain metadata such as the date the file was created, the type of camera, GPS coordinates, and so on. Metadata can be valuable to attackers (to find appropriate exploits for outdated software the target is using), government agencies (to collect information about people to create social graphs), and other parties (to target location-based advertising). Whenever you use a computer, you are likely leaving metadata behind.
-
-For more information, see [Remove Identifying Metadata From Files](/posts/metadata) and [Defend Dissent: Metadata](https://open.oregonstate.education/defenddissent/chapter/metadata/).
-
### Open-source
The only software we can trust because the "source code" that it is written in is "open" for anyone to examine.
-### Operating system (OS)
-
-The system software that runs your device before any other software. Some common examples include Windows, macOS, Linux, Android, and iOS. Linux and some versions of Android are the only open-source options on this list.
-
### Passphrase
-A passphrase is similar to a [password](/glossary/#password), but is made up of words instead of random characters.
+A passphrase is similar to a [password](/pt/glossary/#password), but is made up of words instead of random characters.
### Password
@@ -136,11 +162,11 @@ For more information, see [Defend Dissent: Passwords](https://open.oregonstate.e
### Phishing
-Phishing is a technique of [social engineering](/glossary/#social-engineering). Attackers send SMS messages, emails, chat messages, etc. to their targets to get their personal information. The attackers can then try to impersonate their victims. It can also be used to get the victim to download [malware](/glossary/#malware) onto a system, which can be used as a starting point for hacking. [Spear phishing](/glossary/#spear-phishing) is a more sophisticated form of phishing. For more information, see the [Kicksecure documentation](https://www.kicksecure.com/wiki/Social_Engineering).
+Phishing is a technique of [social engineering](/pt/glossary/#social-engineering). Attackers send SMS messages, emails, chat messages, etc. to their targets to get their personal information. The attackers can then try to impersonate their victims. It can also be used to get the victim to download [malware](/pt/glossary/#malware) onto a system, which can be used as a starting point for hacking. [Spear phishing](/pt/glossary/#spear-phishing) is a more sophisticated form of phishing. For more information, see the [Kicksecure documentation](https://www.kicksecure.com/wiki/Social_Engineering).
### Physical attacks
-A physical attack is a situation where an adversary first gains physical access to your device through loss, theft, or confiscation. For example, your phone may be confiscated when you cross a border or are arrested. This is in contrast to a [remote attack](/glossary/#remote-attacks).
+A physical attack is a situation where an adversary first gains physical access to your device through loss, theft, or confiscation. For example, your phone may be confiscated when you cross a border or are arrested. This is in contrast to a [remote attack](/pt/glossary/#remote-attacks).
For more information, see [Making Your Electronics Tamper-Evident](/posts/tamper), the [Threat Library](https://notrace.how/threat-library/techniques/targeted-digital-surveillance/physical-access.html), the [KickSecure documentation](https://www.kicksecure.com/wiki/Protection_Against_Physical_Attacks), and [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
@@ -150,25 +176,25 @@ Plausible deniability can be a security objective. It is achieved when you can
### Public-key cryptography
-Public-key cryptography (or asymmetric cryptography) is the opposite of [symmetric cryptography](/glossary/#symmetric-cryptography). Each party has two keys (public and private). The private key must be kept secret and is used for decryption; the public key must be made public, and is used for encryption. This is the model used for encrypted communication, since the public key cannot be used for decryption. All other parties must verify that a published public key belongs to its intended owner to avoid [man-in-the-middle attacks](/glossary/#man-in-the-middle-attack).
+Public-key cryptography (or asymmetric cryptography) is the opposite of [symmetric cryptography](/pt/glossary/#symmetric-cryptography). Each party has two keys (public and private). The private key must be kept secret and is used for decryption; the public key must be made public, and is used for encryption. This is the model used for encrypted communication, since the public key cannot be used for decryption. All other parties must verify that a published public key belongs to its intended owner to avoid [man-in-the-middle attacks](/pt/glossary/#man-in-the-middle-attack).
-There are several approaches to public-key cryptography. For example, some cryptosystems are based on the algebraic structure of elliptic curves over finite fields (ECC). Others are based on the difficulty of factoring the product of two large prime numbers (RSA). Public-key cryptography can also be used for [digital signatures](/glossary/#digital-signatures).
+There are several approaches to public-key cryptography. For example, some cryptosystems are based on the algebraic structure of elliptic curves over finite fields (ECC). Others are based on the difficulty of factoring the product of two large prime numbers (RSA). Public-key cryptography can also be used for [digital signatures](/pt/glossary/#digital-signatures).
To learn more, watch [this video](https://www.youtube.com/watch?v=GSIDS_lvRv4), or for a more detailed look, see [Defend Dissent: Public-Key Cryptography](https://open.oregonstate.education/defenddissent/chapter/public-key-cryptography/).
### Qubes OS
-You can think of [Qubes OS](https://www.qubes-os.org/) as Linux + [virtual machines](/glossary/#virtual-machine-vm). We [recommend](/recommendations) it as an everyday operating system for intermediate Linux users.
+You can think of [Qubes OS](https://www.qubes-os.org/) as Linux + [virtual machines](/pt/glossary/#virtual-machine-vm). We [recommend](/recommendations) it as an everyday operating system for intermediate Linux users.
### Remote attacks
-By remote attack, we mean that an adversary would access the data on your phone or laptop through an Internet or data connection. There are companies that develop and sell the ability to infect your device (usually focusing on smartphones) with [malware](/glossary/#malware) that would allow their customer (your adversary, be it a corporate or state agent) to remotely access some or all of your information. This is in contrast to a [physical attack](/glossary/#physical-attacks).
+By remote attack, we mean that an adversary would access the data on your phone or laptop through an Internet or data connection. There are companies that develop and sell the ability to infect your device (usually focusing on smartphones) with [malware](/pt/glossary/#malware) that would allow their customer (your adversary, be it a corporate or state agent) to remotely access some or all of your information. This is in contrast to a [physical attack](/pt/glossary/#physical-attacks).
For a more detailed look, see [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
### Sandboxing
-Sandboxing is the software-based isolation of applications to mitigate system failures or vulnerabilities. For example, if an attacker hacks an application that is "sandboxed", the attacker must escape the sandbox to hack the entire system. [Virtualization](/glossary/#virtualization) is the most powerful implementation of sandboxing.
+Sandboxing is the software-based isolation of applications to mitigate system failures or vulnerabilities. For example, if an attacker hacks an application that is "sandboxed", the attacker must escape the sandbox to hack the entire system. [Virtualization](/pt/glossary/#virtualization) is the most powerful implementation of sandboxing.
### Security goal
@@ -176,11 +202,11 @@ Security goals are concepts in information security that define what needs to be
### Social engineering
-Social engineering is a general term for the psychological manipulation of people to perform actions. Social engineering doesn't depend on technology; it's quite common in everyday life. For example, children cry to manipulate their parents; commercials manipulate their viewers. In information security, [phishing](/glossary/#phishing) is a common social engineering technique.
+Social engineering is a general term for the psychological manipulation of people to perform actions. Social engineering doesn't depend on technology; it's quite common in everyday life. For example, children cry to manipulate their parents; commercials manipulate their viewers. In information security, [phishing](/pt/glossary/#phishing) is a common social engineering technique.
### Spear phishing
-Spear phishing is more sophisticated than regular [phishing](/glossary/#phishing), which casts a wide net. In spear phishing, attackers customize their forged messages and send them to a smaller number of potential victims. Spear phishing requires more research on the part of the attacker; however, the success rate of spear phishing attacks is higher than the success rate of regular phishing attacks.
+Spear phishing is more sophisticated than regular [phishing](/pt/glossary/#phishing), which casts a wide net. In spear phishing, attackers customize their forged messages and send them to a smaller number of potential victims. Spear phishing requires more research on the part of the attacker; however, the success rate of spear phishing attacks is higher than the success rate of regular phishing attacks.
### Supply-chain attack
@@ -188,49 +214,23 @@ A supply-chain attack can affect any user of hardware or software components. At
### Symmetric cryptography
-Symmetric cryptography is the opposite of [public-key cryptography](/glossary/#public-key-cryptography). Two parties need the same private key to communicate with each other. They both use this key to encrypt and decrypt data. Symmetric cryptography is faster than public-key cryptography, but you must exchange keys securely. AES is a well-known example of symmetric cryptography. This is the model used for [Full Disk Encryption](/glossary/#full-disk-encryption-fde) (e.g. used by [LUKS](/glossary/#luks) in Linux Full Disk Encryption).
-
-### Synchronous communication
-
-Unlike [asynchronous communication](/glossary/#asynchronous-communication), both parties must be online at the same time. This does not require servers for the communication and is often referred to as "peer to peer".
+Symmetric cryptography is the opposite of [public-key cryptography](/pt/glossary/#public-key-cryptography). Two parties need the same private key to communicate with each other. They both use this key to encrypt and decrypt data. Symmetric cryptography is faster than public-key cryptography, but you must exchange keys securely. AES is a well-known example of symmetric cryptography. This is the model used for [Full Disk Encryption](/pt/glossary/#full-disk-encryption-fde) (e.g. used by [LUKS](/pt/glossary/#luks) in Linux Full Disk Encryption).
### Tails
Tails is an operating system that makes secure and anonymous computer use accessible to everyone. Tails runs from a USB drive and is designed to leave no trace of your activity on your computer unless you explicitly want it to.
-Tails uses the [Tor anonymity network](/glossary/#tor-network) to protect your privacy online; all software is configured to connect to the Internet through Tor. If an application tries to connect to the Internet directly, it is automatically blocked for security reasons.
+Tails uses the [Tor anonymity network](/pt/glossary/#tor-network) to protect your privacy online; all software is configured to connect to the Internet through Tor. If an application tries to connect to the Internet directly, it is automatically blocked for security reasons.
For more information, see [Tails for Anarchists](/posts/tails).
-### Threat model
-
-Threat modeling is a family of activities for improving security by identifying a set of adversaries, [security goals](/glossary/#security-goal), and [vulnerabilities](/glossary/#vulnerability), and then defining countermeasures to prevent or mitigate the effects of threats to the system. A threat is a potential or actual undesirable event that can be malicious (such as a [DDoS attack](/glossary/#ddos-attack)) or accidental (such as a hard drive failure). Threat modeling is the deliberate activity of identifying and assessing threats and vulnerabilities.
-
-For more information, see [the No Trace Project Threat Library](https://notrace.how/threat-library/), [Defend Dissent: Digital Threats to Social Movements](https://open.oregonstate.education/defenddissent/chapter/digital-threats/) and [Defending against Surveillance and Suppression](https://open.oregonstate.education/defenddissent/chapter/surveillance-and-suppression/).
-
-### Tor network
-
-[Tor](https://www.torproject.org/) (short for The Onion Router) is an open and distributed network that helps defend against traffic analysis. Tor protects you by routing your communications through a network of relays run by volunteers around the world: it prevents someone monitoring your Internet connection from learning what sites you visit, and it prevents the operators of the sites you visit from learning your physical location.
-
-Every website visited through the Tor network passes through 3 relays. Relays are servers hosted by different people and organizations around the world. No single relay ever knows both where the encrypted connection is coming from and where it is going. An excerpt from a leaked top-secret NSA assessment calls Tor "the King of high secure, low latency Internet anonymity" with "no contenders for the throne in waiting". The Tor network can be accessed through the Tor Browser on any operating system. The [Tails](/glossary/#tails) operating system forces every program to use the Tor network when accessing the Internet.
-
-For more information, see [Tails for Anarchists](/posts/tails/#tor) and [Privacy Guides](https://www.privacyguides.org/en/advanced/tor-overview/). To understand the limitations of Tor, see the [Whonix documentation](https://www.whonix.org/wiki/Warning).
-
-### Two-Factor Authentication (2FA)
-
-Two-factor authentication (or “2FA”) is a way for a user to identify themselves to a service provider by requiring a combination of two different authentication methods. These can be something the user knows (such as a password or PIN) or something the user has (such as a hardware token or mobile phone).
-
### Virtualization
-Virtualization is a technology that creates a virtual version of something, including virtual computer hardware. A [Virtual Machine](/glossary/#virtual-machine-vm) takes advantage of this technology.
+Virtualization is a technology that creates a virtual version of something, including virtual computer hardware. A [Virtual Machine](/pt/glossary/#virtual-machine-vm) takes advantage of this technology.
### Virtual Machine (VM)
-A virtual machine is a [virtualization](/glossary/#virtualization)/emulation of a computer system. Virtual machines are based on computer architectures and provide the functionality of a physical computer. This can provide the security benefit of [sandboxing](/glossary/#sandboxing). [Qubes OS](/glossary/#qubes-os) consists of VMs that [run directly on the hardware](https://www.qubes-os.org/faq/#how-does-qubes-os-compare-to-running-vms-in-a-conventional-os) (referred to as "bare metal"). According to the Qubes project, "virtualization is currently the only practically viable approach to implementing strong isolation while simultaneously providing compatibility with existing applications and drivers."
-
-### VoIP (Voice over Internet Protocol)
-
-Google Voice is a well-known and insecure VoIP service; this technology routes your calls over the Internet (as Signal does) instead of using standard cell tower transmission. Unlike Signal, VoIP allows you to receive calls from anyone, not just other Signal users. The advantage of using VoIP for calls over a data plan is that you can create different numbers for different activities (one for bills, one for signing up for a Signal account, etc.), and you never need to turn off Airplane mode. The advantage of using a data plan instead is that you can use it away from Wi-Fi, at the cost of geolocation (i.e. it will be possible for your service provider and possibly other parties to know where your device is at any given time).
+A virtual machine is a [virtualization](/pt/glossary/#virtualization)/emulation of a computer system. Virtual machines are based on computer architectures and provide the functionality of a physical computer. This can provide the security benefit of [sandboxing](/pt/glossary/#sandboxing). [Qubes OS](/pt/glossary/#qubes-os) consists of VMs that [run directly on the hardware](https://www.qubes-os.org/faq/#how-does-qubes-os-compare-to-running-vms-in-a-conventional-os) (referred to as "bare metal"). According to the Qubes project, "virtualization is currently the only practically viable approach to implementing strong isolation while simultaneously providing compatibility with existing applications and drivers."
### VPN (Virtual Private Network)
@@ -240,14 +240,14 @@ In other words, it is a technology that essentially makes it appear that you are
It is important to emphasize this to cut through the widespread marketing hype; [a VPN is not enough to keep you anonymous](https://www.ivpn.net/privacy-guides/will-a-vpn-protect-me/). Using a VPN can be thought of as simply shifting your trust from a local Internet Service Provider which is guaranteed to be a snitch to a remote company that claims to limit its ability to effectively snitch on you.
-For more information, see [Privacy Guides](https://www.privacyguides.org/en/basics/vpn-overview/), and for an excellent comparison of a VPN and [Tor](/glossary/#tor-network), see [Defend Dissent: Anonymous Routing](https://open.oregonstate.education/defenddissent/chapter/anonymous-routing/).
+For more information, see [Privacy Guides](https://www.privacyguides.org/en/basics/vpn-overview/), and for an excellent comparison of a VPN and [Tor](/pt/glossary/#tor-network), see [Defend Dissent: Anonymous Routing](https://open.oregonstate.education/defenddissent/chapter/anonymous-routing/).
### Vulnerability
-Vulnerabilities are [exploitable](/glossary/#exploit) security flaws in software or hardware. Well-known vulnerabilities have names like Heartbleed, Shellshock, Spectre, or Stagefright and at least one [CVE](/glossary/#cve) identifier. Vulnerabilities don't always have exploits. A popular vulnerability severity rating system is [CVSS](https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System).
+Vulnerabilities are [exploitable](/pt/glossary/#exploit) security flaws in software or hardware. Well-known vulnerabilities have names like Heartbleed, Shellshock, Spectre, or Stagefright and at least one [CVE](/pt/glossary/#cve) identifier. Vulnerabilities don't always have exploits. A popular vulnerability severity rating system is [CVSS](https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System).
### Zero-day exploit
-A zero-day [exploit](/glossary/#exploit) is unknown to the public, the vendor, or other parties that would normally mitigate it. As a result, it is extremely powerful and highly valued. Governments can either develop their own zero-day exploits or purchase them from a [zero-day broker](https://www.wired.com/story/untold-history-americas-zero-day-market/).
+A zero-day [exploit](/pt/glossary/#exploit) is unknown to the public, the vendor, or other parties that would normally mitigate it. As a result, it is extremely powerful and highly valued. Governments can either develop their own zero-day exploits or purchase them from a [zero-day broker](https://www.wired.com/story/untold-history-americas-zero-day-market/).
diff --git a/content/posts/_index.pt.md b/content/posts/_index.pt.md
index e4bddf8..aab04af 100644
--- a/content/posts/_index.pt.md
+++ b/content/posts/_index.pt.md
@@ -1,6 +1,7 @@
+++
-title = "Guides"
+title = "Guias"
sort_by = "date"
paginate_by = 10
+description = "Outros guias disponíveis em Inglês."
aliases = ["/pt/posts/e2ee/","/pt/posts/grapheneos/","/pt/posts/linux/","/pt/posts/metadata/","/pt/posts/qubes/","/pt/posts/tails/","/pt/posts/tails-best/","/pt/posts/tamper/"]
+++
diff --git a/content/posts/nophones/index.pt.md b/content/posts/nophones/index.pt.md
index 463dc75..41a9da7 100644
--- a/content/posts/nophones/index.pt.md
+++ b/content/posts/nophones/index.pt.md
@@ -24,13 +24,13 @@ Em uma [recente operação repressiva](https://www.notrace.how/resources/pt-BR/#
Se você deixa seu celular em casa, a polícia vai precisar recorrer a vigilância física para determinar seu paradeiro, algo que consome muito mais recursos e é detectável. Se você for posto sob vigilância física, o primeiro passo dos investigadores é entender seu “perfil de movimento”, e o histórico da geolocalização do seu telefone oferece um retrato detalhado de seus padrões diários.
-Alguns anarquistas respondem a problemas com smartphones usando celulares flip ou telefones fixos para se comunicarem uns com os outros, mas essas não são boas soluções. Celulares flip e telefones fixos não suportam [comunicação criptografada](/pt/glossary/#end-to-end-encryption-e2ee), então o Estado descobre quem está falando com quem e sobre o que. Um dos principais objetivos da vigilância direcionada é mapear os círculos sociais do alvo para identificar outros alvos. A única forma de evitar entregar estas informações para nossos inimigos é usar somente [meios criptografados](/posts/e2ee/) para comunicação com outros anarquistas, quando ela for mediada por tecnologias.
+Alguns anarquistas respondem a problemas com smartphones usando celulares flip ou telefones fixos para se comunicarem uns com os outros, mas essas não são boas soluções. Celulares flip e telefones fixos não suportam [comunicação criptografada](/pt/glossary/#criptografia-de-ponta-a-ponta), então o Estado descobre quem está falando com quem e sobre o que. Um dos principais objetivos da vigilância direcionada é mapear os círculos sociais do alvo para identificar outros alvos. A única forma de evitar entregar estas informações para nossos inimigos é usar somente [meios criptografados](/posts/e2ee/) para comunicação com outros anarquistas, quando ela for mediada por tecnologias.
-A normalização da conectividade constante dentro da sociedade dominante levou alguns anarquistas a perceberem corretamente que [metadados](/pt/glossary/#metadata) são úteis para investigadores. Entretanto, a conclusão a que alguns chegam, de que deveríamos [“nunca desligar o telefone”](https://web.archive.org/web/20210126183740/https://325.nostate.net/2018/11/09/never-turn-off-the-phone-a-new-approach-to-security-culture), nos leva na direção contrária. A lógica deles é que suas interações com tecnologia formam um padrão básico de metadados, e os momentos que se desviam desta base se tornam suspeitos se coincidem com quando certas ações acontecem, que estes metadados podem ser usados por investigadores para chegar até os suspeitos. Por mais que seja verdade, a conclusão oposta tem muito mais sentido: anarquistas deveriam minimizar a criação de padrões de metadados acessíveis e úteis a investigadores.
+A normalização da conectividade constante dentro da sociedade dominante levou alguns anarquistas a perceberem corretamente que [metadados](/pt/glossary/#metadados) são úteis para investigadores. Entretanto, a conclusão a que alguns chegam, de que deveríamos [“nunca desligar o telefone”](https://web.archive.org/web/20210126183740/https://325.nostate.net/2018/11/09/never-turn-off-the-phone-a-new-approach-to-security-culture), nos leva na direção contrária. A lógica deles é que suas interações com tecnologia formam um padrão básico de metadados, e os momentos que se desviam desta base se tornam suspeitos se coincidem com quando certas ações acontecem, que estes metadados podem ser usados por investigadores para chegar até os suspeitos. Por mais que seja verdade, a conclusão oposta tem muito mais sentido: anarquistas deveriam minimizar a criação de padrões de metadados acessíveis e úteis a investigadores.
Nossas conexões com as infraestruturas de dominação devem permanecer opacas e imprevisíveis se pretendemos manter a habilidade de atacar o inimigo. E se reconhecimento de terreno exigido por uma ação envolver um fim de semana inteiro longe de nossos dispositivos eletrônicos? Vamos começar com o simples fato de que celulares devem ser deixados em casa durante uma ação – isso só se torna uma anomalia em um padrão se celulares te acompanham onde quer que você vá. Em uma vida normativamente “sempre conectada”, ambas mudanças de metadados se destacariam rapidamente, mas não é o caso se você se recusar a estar constantemente plugado. **Para minimizar suas pegadas de metadados, você deve se acostumar a deixar o celular em casa.**
-Celulares colonizaram a vida cotidiana, pois as pessoas foram incutidas com a crença de que elas precisam de comunicação *síncrona* a todo momento. [Sincronismo](/pt/glossary/#synchronous-communication) significa que duas ou mais partes se comunicam em tempo real, em oposição a algo [assíncrono](/pt/glossary/#asynchronous-communication) como e-mail, onde mensagens são enviadas em momentos diferentes. Essa “necessidade” foi normalizada, mas vale a pena resistir a ela dentro de espaços anarquistas. [O anarquismo só pode ser anti-industrial](https://theanarchistlibrary.org/library/bismuto-beyond-the-moment#toc1). Precisamos aprender a viver sem as conveniências vendidas pelas empresas de telecomunicação, devemos defender (ou reavivar) nossa habilidade de viver sem estarmos conectados a Internet a todo momento, sem instruções algorítmicas em tempo real, e em a flexibilidade infinita de mudar de planos no último minuto.
+Celulares colonizaram a vida cotidiana, pois as pessoas foram incutidas com a crença de que elas precisam de comunicação *síncrona* a todo momento. [Sincronismo](/pt/glossary/#comunicacao-sincronica) significa que duas ou mais partes se comunicam em tempo real, em oposição a algo [assíncrono](/pt/glossary/#comunicacao-assincrona) como e-mail, onde mensagens são enviadas em momentos diferentes. Essa “necessidade” foi normalizada, mas vale a pena resistir a ela dentro de espaços anarquistas. [O anarquismo só pode ser anti-industrial](https://theanarchistlibrary.org/library/bismuto-beyond-the-moment#toc1). Precisamos aprender a viver sem as conveniências vendidas pelas empresas de telecomunicação, devemos defender (ou reavivar) nossa habilidade de viver sem estarmos conectados a Internet a todo momento, sem instruções algorítmicas em tempo real, e em a flexibilidade infinita de mudar de planos no último minuto.
Se você decidir usar um celular, para dificultar o máximo possível que um adversário o geolocalize, intercepte suas mensagens, ou o raqueie, use [GrapheneOS](/posts/grapheneos/). Se conseguirmos concordar em **usar somente [comunicação criptografada](/posts/e2ee/) para nos comunicarmos com outros anarquistas**, isso exclui os celulares de flip e telefones fixos. GrapheneOS é o único sistema operacional de smartphone que oferece um nível aceitável de segurança e privacidade.
@@ -44,7 +44,7 @@ Muitas instituições burocráticas que somos forçados a conviver, dificultam u
Qualquer aplicativo VoIP disponível em um computador é assíncrono pois ele não toca quando o computador está desligado — você precisa do recuro de correio de voz para retornar ligações perdidas. Por exemplo, um serviço como [jmp.chat](https://www.kicksecure.com/wiki/Mobile_Phone_Security#Phone_Number_Registration_Unlinked_to_SIM_Card) te dá um número VoIP, que você pode pagar com Bitcoin, e você faz chamadas usando um aplicativo XMPP — [Cheogram](https://cheogram.com/) funciona bem.
-VoIP geralmente funciona para qualquer [autenticação de dois fatores](/pt/glossary/#two-factor-authentication-2fa) (2FA) que você precisar (quando um serviço exige que você recebe uma número aleatório para fazer login). [Números de telefone online](https://anonymousplanet.org/guide.html#online-phone-number) são outra opção.
+VoIP geralmente funciona para qualquer [autenticação de dois fatores](/pt/glossary/#autenticacao-de-dois-fatores-2fa) (2FA) que você precisar (quando um serviço exige que você recebe uma número aleatório para fazer login). [Números de telefone online](https://anonymousplanet.org/guide.html#online-phone-number) são outra opção.
Apesar de geralmente mais caro do que VoIP, um celular de flip ou linha fixa dedicada exclusivamente a isso também funciona bem para recepção de chamadas “burocráticas”, como as mencionadas anteriormente.
@@ -56,7 +56,7 @@ Usar uma “linha fixa criptografada” para fazer telefonemas e um computador p
Todos sairíamos ganhando se déssemos uma boa e longe olhada na monocultura de chats em grupo do Signal que foram substituídos por encontros cara a cara em algumas partes dos espaços anarquistas. Essa captura da organização de relacionamentos por celular nos trancafia numa reunião que nunca acaba e é relativamente fácil de se monitorar.
-Dito isso, comunicação criptografada pode ser útil para determinar uma data e hora para um encontro, ou para projetos compartilhados através de distâncias. Veja, [Encrypted Messaging for Anarchists](/posts/e2ee/) para várias opções apropriadas para um [modelo de ameaça](/pt/glossary/#threat-model) anarquista.
+Dito isso, comunicação criptografada pode ser útil para determinar uma data e hora para um encontro, ou para projetos compartilhados através de distâncias. Veja, [Encrypted Messaging for Anarchists](/posts/e2ee/) para várias opções apropriadas para um [modelo de ameaça](/pt/glossary/#modelagem-de-ameacas) anarquista.
## Chamadas de Emergência
diff --git a/content/recommendations/_index.pt.md b/content/recommendations/_index.pt.md
index 54af7ab..4e95f51 100644
--- a/content/recommendations/_index.pt.md
+++ b/content/recommendations/_index.pt.md
@@ -1,35 +1,35 @@
+++
-title = "Recommendations"
+title = "Recomendações"
sort_by = "date"
paginate_by = 5
+++
-As anarchists, we must defend ourselves against police and intelligence agencies that conduct [targeted digital surveillance](https://notrace.how/threat-library/techniques/targeted-digital-surveillance.html) for the purposes of [incrimination](https://notrace.how/threat-library/tactics/incrimination.html) and [network mapping](https://notrace.how/threat-library/techniques/network-mapping.html). Our goal is to obscure the State's visibility into our lives and projects. Our recommendations are intended for all anarchists, and they are accompanied by guides to put the advice into practice.
+Como anarquistas, nós devemos nos defender da polícia e agências de inteligência que conduzem [vigilância digital individualizada](https://notrace.how/threat-library/techniques/targeted-digital-surveillance.html) para os propósitos de [incriminação](https://notrace.how/threat-library/tactics/incrimination.html) e [mapeamento de redes de contatos](https://notrace.how/threat-library/techniques/network-mapping.html). Nosso objetivo é atrapalhar a capacidade do Estado de vigiar nossas vidas e projetos. Nossas recomendações são direcionadas a todos anarquistas, e são acompanhadas de guias e conselhos práticos.
-We agree with the conclusion of an overview of [targeted surveillance measures in France](https://actforfree.noblogs.org/post/2023/07/24/number-of-the-day-89502-preventive-surveillance-measures-france/): "So let’s be clear about our responsibilities: if we knowingly bring a networked device equipped with a microphone and/or a camera (cell phone, baby monitor, computer, car GPS, networked watch, etc.) close to a conversation in which “private or confidential words are spoken” and must remain so, even if it's switched off, we become a potential state informer…"
+Nós concordamos com a conclusão da análise sobre [vigilância digital individualizada na França](https://actforfree.noblogs.org/post/2023/07/24/number-of-the-day-89502-preventive-surveillance-measures-france/): "Sejamos claros sobre nossas responsabilidades: se nós nós conscientemente levamos um dispositivo equipado com microfone e/ou câmera (celular, babá eletrônica, computador, carro com gps, relógio ligado a internet), mesmo que desligados, para uma conversa na qual 'se fazem comentários e se usam palavras secretas e confidenciais' que devem permanecer secretas, nós nos tornamos possíveis informantes estatais..."
-You may also be interested in the Threat Library's ["Digital Best Practices"](https://www.notrace.how/threat-library/mitigations/digital-best-practices.html).
+Você talvez se interesse pelas ["Boas Práticas Digitais"](https://www.notrace.how/threat-library/mitigations/digital-best-practices.html) da nossa Biblioteca de Ameaças.
-## Your Phone
+## Seu Telefone
->**[Operating system](/glossary#operating-system-os)**: **GrapheneOS** is the only reasonably secure choice for cell phones. See [GrapheneOS for Anarchists](/posts/grapheneos/). If you decide to have a phone, treat it like an "encrypted landline" and leave it at home when you are out of the house. See [Kill the Cop in Your Pocket](/posts/nophones/).
+>**[Sistema Operacional](/pt/glossary#sistemas-operacionais-os)**: **GrapheneOS** é a única opção relmente segura para celulares. Veja [GrapheneOS for Anarchists](/posts/grapheneos/). Se você decidir ter um celular, trate-o como uma “linha telefônica criptografada fixa” e deixe-o em casa quando for sair. Vide [Mate o Policial no seu Bolso](/pt/posts/nophones/).
-## Your Computer
+## Seu computador
->**[Operating system](/glossary#operating-system-os)**: **Tails** is unparalleled for sensitive computer use (writing and sending communiques, moderating a sketchy website, researching for actions, reading articles that may be criminalized, etc.). Tails runs from a USB drive and is designed with the anti-forensic property of leaving no trace of your activity on your computer, as well as forcing all Internet connections through the [Tor network](/glossary#tor-network). See [Tails for Anarchists](/posts/tails/) and [Tails Best Practices](/posts/tails-best/).
+>**[Sistema Operacional](/pt/glossary#sistemas-operacionais-os)**: Não há nada que se compare ao **Tails**, para o manejo de informações sensíveis no computador (escrever e enviar comunicados, moderar um site suspeito, pesquisar para açõs, ler artigos que talvez venham a ser criminalizados, etc.). O Tails opera a partir de um USB e foi criado com uma propriedade anti-forense que o permite não deixar rastros no seu computador, assim como forçar que todas as conexões da internet aconteçam pela rede [Tor](/pt/glossary#rede-tor). Veja [Tails for Anarchists](/posts/tails/) e [Tails Best Practices](/posts/tails-best/).
->**[Operating system](/glossary#operating-system-os)**: **Qubes OS** has better security than Tails for many use cases, but has a steeper learning curve and no anti-forensic features. However, it is accessible enough for journalists and other non-technical users. Basic knowledge of using Linux is required — see [Linux Essentials](/posts/linux). Qubes OS can even run Windows programs such as Adobe InDesign, but much more securely than a standard Windows computer. See [Qubes OS for Anarchists](/posts/qubes/).
+>**[Sistema Operacional](/pt/glossary#sistemas-operacionais-os)**: **Qubes OS** para muitos usos de caso, tem uma segurança melhor que o Tails, mas sua curva de aprendizado é mais fechada e nenhuma ferramenta anti-forense. De todo modo é acessível o suficiente para jornalistas e outros usuários não técnicos. Conhecimento básico de Linux é necessário — veja a sessão de [Linux Essentials](/posts/linux). Qubes OS consegue até mesmo rodar alguns programas do Windows como Adobe InDesign, mas de forma muito mais segura. Vide [Qubes OS for Anarchists](/posts/qubes/).
-See [When to Use Tails vs. Qubes OS](/posts/qubes/#when-to-use-tails-vs-qubes-os). We do not offer "harm reduction" advice for Windows or macOS computers, as this is already widespread and gives a false sense of privacy and security.
+Veja quando [When to Use Tails vs. Qubes OS](/posts/qubes/#when-to-use-tails-vs-qubes-os). Nós não oferecemos dicas de “redução de danos” para o Windows ou macOS, já que esse tipo de material tende a ser popular e dá a falsa sensação de privacidade e segurança.
-## Encrypted Messaging
+## Mensagens Criptografadas
-See [Encrypted Messaging for Anarchists](/posts/e2ee/)
+Veja [Encrypted Messaging for Anarchists](/posts/e2ee/)
-## Storing Electronic Devices
+## Armazenando Dispositivos Eletrônicos
-See [Make Your Electronics Tamper-Evident](/posts/tamper/).
+Veja [Make Your Electronics Tamper-Evident](/posts/tamper/).
diff --git a/content/search/_index.pt.md b/content/search/_index.pt.md
index fb1bc1b..43e87c5 100644
--- a/content/search/_index.pt.md
+++ b/content/search/_index.pt.md
@@ -1,15 +1,15 @@
+++
-title = "Search"
+title = "Busca"
sort_by = "date"
paginate_by = 5
+++
-The search feature uses the external search engine DuckDuckGo.
+A ferramenta de busca faz buscas externas com a engine DuckDuckGo.
diff --git a/content/series/_index.pt.md b/content/series/_index.pt.md
index 5b3559f..c7b6cb3 100644
--- a/content/series/_index.pt.md
+++ b/content/series/_index.pt.md
@@ -1,5 +1,5 @@
+++
-title = "Series"
+title = "Séries"
description = ""
sort_by = "date"
paginate_by = 5
@@ -9,7 +9,7 @@ paginate_by = 5
AnarSec é um material criado para ajudar anarquistes navegarem o terreno hostil da tecnologia — guias defensivos para segurança digital e anonimidade, assim como guias ofensivos para hackeamentos. Todos os guias estão disponíveis em formato de livreto para impressão e serão mantidos atualizados.
-## Defensive
+## Defensivo
### Tails
* [Tails for Anarchists](/posts/tails/)
@@ -18,18 +18,18 @@ AnarSec é um material criado para ajudar anarquistes navegarem o terreno hostil
### Qubes OS
* [Qubes OS for Anarchists](/posts/qubes/)
-### Phones
+### Telefones
* [**Mate o Policial no seu Bolso**](/pt/posts/nophones/)
* [GrapheneOS for Anarchists](/posts/grapheneos/)
-### General
+### Geral
* [Linux Essentials](/posts/linux/)
* [Remove Identifying Metadata From Files](/posts/metadata/)
* [Encrypted Messaging for Anarchists](/posts/e2ee/)
* [Make Your Electronics Tamper-Evident](/posts/tamper/)
-## Offensive
+## Ofensiva
-*Coming soon*
+*Em Breve*
diff --git a/layout/anarsec_article.typ b/layout/anarsec_article.typ
index c2ce6e4..7ca28ce 100644
--- a/layout/anarsec_article.typ
+++ b/layout/anarsec_article.typ
@@ -58,6 +58,9 @@
#if lang == "ru" [
#text(18pt)[Серии: #category]
]
+ #if lang == "pt" [
+ #text(18pt)[Séries: #category]
+ ]
]
]
@@ -92,6 +95,13 @@
#text()[Символ #super[†] означает, что этот термин есть в словаре. Ai ferri corti.]
]
+ #if lang == "pt" [
+ #set align(center + bottom)
+
+ #text()[Essa versão do zine foi editada por último em #lastediteddate. Visite anarsec.guide/pt para consultar possíveis atualizações.]
+
+ #text()[O símbolo de adaga #super[†] significa que ela tem uma entrada no glossário. Ai ferri corti.]
+ ]
]
// set headings
@@ -142,6 +152,9 @@
else if lang == "ru" {
rec = "Приложение: Рекомендации"
}
+ else if lang == "pt" {
+ rec = "Apêndice: Recomendações"
+ }
let glossaryFootnote = state("x", [#footnote[anarsec.guide/glossary]])
show link: it => {
it.body
diff --git a/layout/python/anarsec_article_to_pdf.py b/layout/python/anarsec_article_to_pdf.py
index 9b79272..dd8d4ce 100644
--- a/layout/python/anarsec_article_to_pdf.py
+++ b/layout/python/anarsec_article_to_pdf.py
@@ -145,7 +145,7 @@ class Converter:
if self.post_lang == 'el':
markdown_content += f"\n\n# Παράρτημα: Προτάσεις\n\n{recommendations}\n\n"
if self.post_lang == 'pt':
- markdown_content += f"\n\n# Appendix: Recommendations\n\n{recommendations}\n\n"
+ markdown_content += f"\n\n# Apêndice: Recomendações\n\n{recommendations}\n\n"
if self.post_lang == 'ru':
markdown_content += f"\n\n# Приложение: Рекомендации\n\n{recommendations}\n\n"
@@ -170,7 +170,7 @@ class Converter:
if self.post_lang == 'el':
markdown_content += "\n\n# Παράρτημα: Γλωσσάρι\n\n"
if self.post_lang == 'pt':
- markdown_content += "\n\n# Appendix: Glossary\n\n"
+ markdown_content += "\n\n# Apêndice: Glossário\n\n"
if self.post_lang == 'ru':
markdown_content += "\n\n# Приложение: Словарь\n\n"
for entry, entry_content in glossary.items():
@@ -215,6 +215,11 @@ class Converter:
category = 'Защита'
if category == 'Offensive':
category = 'Нападение'
+ if self.post_lang == 'pt':
+ if category == 'Defensive':
+ category = 'Defensivo'
+ if category == 'Offensive':
+ category = 'Ofensiva'
# Build the full typst file
full_typst_path = pathlib.Path(workingDirectory) / f"{self.post_id}-full.typ"