# SOME DESCRIPTIVE TITLE. # Copyright (C) Micah Lee, et al. # This file is distributed under the same license as the OnionShare package. # FIRST AUTHOR , 2020. # msgid "" msgstr "" "Project-Id-Version: OnionShare 2.3\n" "Report-Msgid-Bugs-To: onionshare-dev@lists.riseup.net\n" "POT-Creation-Date: 2020-12-13 15:48-0800\n" "PO-Revision-Date: 2023-04-15 05:52+0000\n" "Last-Translator: jxt \n" "Language-Team: zh_TW \n" "Language: zh_TW\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0;\n" "X-Generator: Weblate 4.17-dev\n" "Generated-By: Babel 2.9.0\n" #: ../../source/security.rst:2 msgid "Security Design" msgstr "安全設計" #: ../../source/security.rst:4 msgid "Read :ref:`how_it_works` first to get a handle on how OnionShare works." msgstr "首先閱讀:ref:`how_it_works` 來了解基礎的 OnionShare 運作原理。" #: ../../source/security.rst:6 msgid "Like all software, OnionShare may contain bugs or vulnerabilities." msgstr "就像所有的應用程式,OnionShare 可能有錯誤或弱點。" #: ../../source/security.rst:9 msgid "What OnionShare protects against" msgstr "OnionShare 保護與防止" #: ../../source/security.rst:11 msgid "" "**Third parties don't have access to anything that happens in OnionShare.** " "Using OnionShare means hosting services directly on your computer. When " "sharing files with OnionShare, they are not uploaded to any server. If you " "make an OnionShare chat room, your computer acts as a server for that too. " "This avoids the traditional model of having to trust the computers of others." msgstr "" #: ../../source/security.rst:13 ../../source/security.rst:17 msgid "" "**Network eavesdroppers can't spy on anything that happens in OnionShare in " "transit.** The connection between the Tor onion service and Tor Browser is " "end-to-end encrypted. This means network attackers can't eavesdrop on " "anything except encrypted Tor traffic. Even if an eavesdropper is a " "malicious rendezvous node used to connect the Tor Browser with OnionShare's " "onion service, the traffic is encrypted using the onion service's private " "key." msgstr "" "**網路竊聽者無法偵察 OnionShare 傳輸中發生的情況。** Tor 洋蔥服務與 Tor 瀏覽" "器之間的連接為端到端加密,這代表 網路攻擊者除了加密的 Tor 流量無法竊聽任何東" "西,即便攻擊者是 Tor 瀏覽器與 OnionShare 洋蔥服務連接的惡意會合節點,其流量也" "使用洋蔥服務私鑰加密。" #: ../../source/security.rst:15 ../../source/security.rst:23 msgid "" "**Anonymity of OnionShare users are protected by Tor.** OnionShare and Tor " "Browser protect the anonymity of the users. As long as the OnionShare user " "anonymously communicates the OnionShare address with the Tor Browser users, " "the Tor Browser users and eavesdroppers can't learn the identity of the " "OnionShare user." msgstr "" "**OnionShare 使用者的匿名受到 Tor 保護。** OnionShare 與 Tor 瀏覽器保護使用者" "匿名,只要使用 OnionShare 地址與 Tor 瀏覽器進行匿名通訊,Tor 瀏覽器使用者與竊" "聽者無法知道 OnionShare 使用者的身份。" #: ../../source/security.rst:17 msgid "" "**If an attacker learns about the onion service, it still can't access " "anything.** Prior attacks against the Tor network to enumerate onion " "services allowed the attacker to discover private .onion addresses. If an " "attack discovers a private OnionShare address, a password will be prevent " "them from accessing it (unless the OnionShare user chooses to turn it off " "and make it public). The password is generated by choosing two random words " "from a list of 6800 words, making 6800², or about 46 million possible " "passwords. Only 20 wrong guesses can be made before OnionShare stops the " "server, preventing brute force attacks against the password." msgstr "" #: ../../source/security.rst:20 ../../source/security.rst:33 msgid "What OnionShare doesn't protect against" msgstr "OnionShare 無法保護的部份" #: ../../source/security.rst:22 msgid "" "**Communicating the OnionShare address might not be secure.** Communicating " "the OnionShare address to people is the responsibility of the OnionShare " "user. If sent insecurely (such as through an email message monitored by an " "attacker), an eavesdropper can tell that OnionShare is being used. If the " "eavesdropper loads the address in Tor Browser while the service is still up, " "they can access it. To avoid this, the address must be communicateed " "securely, via encrypted text message (probably with disappearing messages " "enabled), encrypted email, or in person. This isn't necessary when using " "OnionShare for something that isn't secret." msgstr "" #: ../../source/security.rst:24 msgid "" "**Communicating the OnionShare address might not be anonymous.** Extra " "precautions must be taken to ensure the OnionShare address is communicated " "anonymously. A new email or chat account, only accessed over Tor, can be " "used to share the address. This isn't necessary unless anonymity is a goal." msgstr "" #: ../../source/security.rst:11 msgid "" "**Third parties don't have access to anything that happens in OnionShare.** " "Using OnionShare means hosting services directly on your computer. When " "sharing your files with OnionShare, they are not uploaded to any third-party " "server. If you make an OnionShare chat room, your computer acts as a server " "for that too. This avoids the traditional model of having to trust the " "computers of others." msgstr "" #: ../../source/security.rst:28 msgid "" "**If an attacker learns about the onion service, they still can't access " "anything.** Prior attacks against the Tor network to enumerate onion " "services allowed attackers to discover private ``.onion`` addresses. To " "access an OnionShare service from its address, the private key used for " "client authentication must be guessed (unless the service is already made " "public by turning off the private key -- see :ref:`turn_off_private_key`)." msgstr "" #: ../../source/security.rst:35 msgid "" "**Communicating the OnionShare address and private key might not be secure." "** Communicating the OnionShare address to people is the responsibility of " "the OnionShare user. If sent insecurely (such as through an e-mail message " "monitored by an attacker), an eavesdropper can tell that OnionShare is being " "used. Eavesdroppers can access services that are still up by loading their " "addresses and/or lost key in the Tor Browser. Avoid this by communicating " "the address securely, via encrypted text message (probably with disappearing " "messages enabled), encrypted e-mail, or in person. This isn't necessary when " "using OnionShare for something that isn't secret." msgstr "" #: ../../source/security.rst:42 msgid "" "**Communicating the OnionShare address and private key might not be " "anonymous.** Extra precaution must be taken to ensure the OnionShare address " "is communicated anonymously. A new e-mail or chat account, only accessed " "over Tor, can be used to share the address. This isn't necessary unless " "anonymity is a goal." msgstr ""