# SOME DESCRIPTIVE TITLE. # Copyright (C) Micah Lee, et al. # This file is distributed under the same license as the OnionShare package. # FIRST AUTHOR , 2020. # msgid "" msgstr "" "Project-Id-Version: OnionShare 2.3\n" "Report-Msgid-Bugs-To: onionshare-dev@lists.riseup.net\n" "POT-Creation-Date: 2020-12-13 15:48-0800\n" "PO-Revision-Date: 2023-04-13 06:53+0000\n" "Last-Translator: jxt \n" "Language-Team: zh_TW \n" "Language: zh_TW\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0;\n" "X-Generator: Weblate 4.17-dev\n" "Generated-By: Babel 2.9.0\n" #: ../../source/security.rst:2 msgid "Security Design" msgstr "安全設計" #: ../../source/security.rst:4 msgid "Read :ref:`how_it_works` first to get a handle on how OnionShare works." msgstr "首先閱讀:ref:`how_it_works` 來了解基礎的 OnionShare 運作原理。" #: ../../source/security.rst:6 msgid "Like all software, OnionShare may contain bugs or vulnerabilities." msgstr "就像所有的應用程式,OnionShare 可能有錯誤或弱點。" #: ../../source/security.rst:9 msgid "What OnionShare protects against" msgstr "OnionShare 可保護的東西" #: ../../source/security.rst:11 msgid "" "**Third parties don't have access to anything that happens in " "OnionShare.** Using OnionShare means hosting services directly on your " "computer. When sharing files with OnionShare, they are not uploaded to " "any server. If you make an OnionShare chat room, your computer acts as a " "server for that too. This avoids the traditional model of having to trust" " the computers of others." msgstr "" #: ../../source/security.rst:13 msgid "" "**Network eavesdroppers can't spy on anything that happens in OnionShare " "in transit.** The connection between the Tor onion service and Tor " "Browser is end-to-end encrypted. This means network attackers can't " "eavesdrop on anything except encrypted Tor traffic. Even if an " "eavesdropper is a malicious rendezvous node used to connect the Tor " "Browser with OnionShare's onion service, the traffic is encrypted using " "the onion service's private key." msgstr "" "**網路竊聽者無法偵察 OnionShare 傳輸中發生的情況。** Tor 洋蔥服務與 Tor " "瀏覽器之間的連接為端到端加密,這代表 網路攻擊者除了加密的 Tor " "流量無法竊聽任何東西,即便攻擊者是 Tor 瀏覽器與 OnionShare " "洋蔥服務連接的惡意會合節點,其流量也使用洋蔥服務私鑰加密。" #: ../../source/security.rst:15 msgid "" "**Anonymity of OnionShare users are protected by Tor.** OnionShare and " "Tor Browser protect the anonymity of the users. As long as the OnionShare" " user anonymously communicates the OnionShare address with the Tor " "Browser users, the Tor Browser users and eavesdroppers can't learn the " "identity of the OnionShare user." msgstr "" "**OnionShare 使用者的匿名受到 Tor 保護。** OnionShare 與 Tor " "瀏覽器保護使用者匿名,只要使用 OnionShare 地址與 Tor 瀏覽器進行匿名通訊,Tor " "瀏覽器使用者與竊聽者無法知道 OnionShare 使用者的身份。" #: ../../source/security.rst:17 msgid "" "**If an attacker learns about the onion service, it still can't access " "anything.** Prior attacks against the Tor network to enumerate onion " "services allowed the attacker to discover private .onion addresses. If an" " attack discovers a private OnionShare address, a password will be " "prevent them from accessing it (unless the OnionShare user chooses to " "turn it off and make it public). The password is generated by choosing " "two random words from a list of 6800 words, making 6800², or about 46 " "million possible passwords. Only 20 wrong guesses can be made before " "OnionShare stops the server, preventing brute force attacks against the " "password." msgstr "" #: ../../source/security.rst:20 msgid "What OnionShare doesn't protect against" msgstr "OnionShare 無法保護的部份" #: ../../source/security.rst:22 msgid "" "**Communicating the OnionShare address might not be secure.** " "Communicating the OnionShare address to people is the responsibility of " "the OnionShare user. If sent insecurely (such as through an email message" " monitored by an attacker), an eavesdropper can tell that OnionShare is " "being used. If the eavesdropper loads the address in Tor Browser while " "the service is still up, they can access it. To avoid this, the address " "must be communicateed securely, via encrypted text message (probably with" " disappearing messages enabled), encrypted email, or in person. This " "isn't necessary when using OnionShare for something that isn't secret." msgstr "" #: ../../source/security.rst:24 msgid "" "**Communicating the OnionShare address might not be anonymous.** Extra " "precautions must be taken to ensure the OnionShare address is " "communicated anonymously. A new email or chat account, only accessed over" " Tor, can be used to share the address. This isn't necessary unless " "anonymity is a goal." msgstr "" #~ msgid "" #~ "**Third parties don't have access to " #~ "anything that happens in OnionShare.** " #~ "When you use OnionShare, you host " #~ "services directly on your computer. For" #~ " example, when you share files with" #~ " OnionShare, you don't upload these " #~ "files to any server, and when you" #~ " start an OnionShare chat room, your" #~ " computer is the chat room server " #~ "itself. Traditional ways of sharing " #~ "files or setting up websites and " #~ "chat rooms require trusting a service" #~ " with access to your data." #~ msgstr "" #~ msgid "" #~ "**Network eavesdroppers can't spy on " #~ "anything that happens in OnionShare in" #~ " transit.** Because connections between Tor" #~ " onion services and Tor Browser are" #~ " end-to-end encrypted, no network " #~ "attackers can eavesdrop on what happens" #~ " in an OnionShare service. If the " #~ "eavesdropper is positioned on the " #~ "OnionShare user's end, the Tor Browser" #~ " user's end, or is a malicious " #~ "Tor node, they will only see Tor" #~ " traffic. If the eavesdropper is a" #~ " malicious rendezvous node used to " #~ "connect Tor Browser with OnionShare's " #~ "onion service, the traffic will be " #~ "encrypted using the onion service key." #~ msgstr "" #~ msgid "" #~ "**If an attacker learns about the " #~ "onion service, they still can't access" #~ " anything.** There have been attacks " #~ "against the Tor network that can " #~ "enumerate onion services. Even if " #~ "someone discovers the .onion address of" #~ " an OnionShare onion service, they " #~ "can't access it without also knowing " #~ "the service's random password (unless, " #~ "of course, the OnionShare users chooses" #~ " to disable the password and make " #~ "it public). The password is generated" #~ " by choosing two random words from" #~ " a list of 6800 words, meaning " #~ "there are 6800^2, or about 46 " #~ "million possible password. But they can" #~ " only make 20 wrong guesses before" #~ " OnionShare stops the server, preventing" #~ " brute force attacks against the " #~ "password." #~ msgstr "" #~ msgid "" #~ "**Communicating the OnionShare address might" #~ " not be secure.** The OnionShare user" #~ " is responsible for securely communicating" #~ " the OnionShare address with people. " #~ "If they send it insecurely (such " #~ "as through an email message, and " #~ "their email is being monitored by " #~ "an attacker), the eavesdropper will " #~ "learn that they're using OnionShare. If" #~ " the attacker loads the address in" #~ " Tor Browser before the legitimate " #~ "recipient gets to it, they can " #~ "access the service. If this risk " #~ "fits the user's threat model, they " #~ "must find a more secure way to " #~ "communicate the address, such as in " #~ "an encrypted email, chat, or voice " #~ "call. This isn't necessary in cases " #~ "where OnionShare is being used for " #~ "something that isn't secret." #~ msgstr "" #~ msgid "" #~ "**Communicating the OnionShare address might" #~ " not be anonymous.** While OnionShare " #~ "and Tor Browser allow for anonymity, " #~ "if the user wishes to remain " #~ "anonymous they must take extra steps " #~ "to ensure this while communicating the" #~ " OnionShare address. For example, they " #~ "might need to use Tor to create" #~ " a new anonymous email or chat " #~ "account, and only access it over " #~ "Tor, to use for sharing the " #~ "address. This isn't necessary in cases" #~ " where there's no need to protect " #~ "anonymity, such as co-workers who " #~ "know each other sharing work documents." #~ msgstr "" #~ msgid "" #~ "**If an attacker learns about the " #~ "onion service, it still can't access " #~ "anything.** Prior attacks against the " #~ "Tor network to enumerate onion services" #~ " allowed the attacker to discover " #~ "private .onion addresses. If an attack" #~ " discovers a private OnionShare address," #~ " a password will be prevent them " #~ "from accessing it (unless the OnionShare" #~ " user chooses to turn it off " #~ "and make it public).. The password " #~ "is generated by choosing two random " #~ "words from a list of 6800 words," #~ " making 6800^2, or about 46 million" #~ " possible passwords. Only 20 wrong " #~ "guesses can be made before OnionShare" #~ " stops the server, preventing brute " #~ "force attacks against the password." #~ msgstr "" #~ msgid "" #~ "**Communicating the OnionShare address might" #~ " not be anonymous.** Extra steps must" #~ " be taken to ensure the OnionShare" #~ " address is communicated anonymously. A " #~ "new email or chat account, only " #~ "accessed over Tor, can be used to" #~ " share the address. This isn't " #~ "necessary unless anonymity is a goal." #~ msgstr ""