# SOME DESCRIPTIVE TITLE. # Copyright (C) Micah Lee, et al. # This file is distributed under the same license as the OnionShare package. # FIRST AUTHOR <EMAIL@ADDRESS>, 2020. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: OnionShare 2.3\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2020-09-03 11:37-0700\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" "Generated-By: Babel 2.8.0\n" #: ../../source/security.rst:2 msgid "Security design" msgstr "" #: ../../source/security.rst:4 msgid "" "First read :ref:`how_it_works` to understand the basics of how OnionShare" " works." msgstr "" #: ../../source/security.rst:6 msgid "Like all software, OnionShare may contain bugs or vulnerabilities." msgstr "" #: ../../source/security.rst:9 msgid "What OnionShare protects against" msgstr "" #: ../../source/security.rst:11 msgid "" "**Third parties don't have access to anything that happens in " "OnionShare.** When you use OnionShare, you host services directly on your" " computer. For example, when you share files with OnionShare, you don't " "upload these files to any server, and when you start an OnionShare chat " "room, your computer is the chat room server itself. Traditional ways of " "sharing files or setting up websites and chat rooms require trusting a " "service with access to your data." msgstr "" #: ../../source/security.rst:13 msgid "" "**Network eavesdroppers can't spy on anything that happens in OnionShare " "in transit.** Because connections between Tor onion services and Tor " "Browser are end-to-end encrypted, no network attackers can eavesdrop on " "what happens in an OnionShare service. If the eavesdropper is positioned " "on the OnionShare user's end, the Tor Browser user's end, or is a " "malicious Tor node, they will only see Tor traffic. If the eavesdropper " "is a malicious rendezvous node used to connect Tor Browser with " "OnionShare's onion service, the traffic will be encrypted using the onion" " service key." msgstr "" #: ../../source/security.rst:15 msgid "" "**Anonymity of OnionShare users are protected by Tor.** OnionShare and " "Tor Browser protect the anonymity of the users. As long as the OnionShare" " user anonymously communicates the OnionShare address with the Tor " "Browser users, the Tor Browser users and eavesdroppers can't learn the " "identity of the OnionShare user." msgstr "" #: ../../source/security.rst:17 msgid "" "**If an attacker learns about the onion service, they still can't access " "anything.** There have been attacks against the Tor network that can " "enumerate onion services. Even if someone discovers the .onion address of" " an OnionShare onion service, they can't access it without also knowing " "the service's random password (unless, of course, the OnionShare users " "chooses to disable the password and make it public). The password is " "generated by choosing two random words from a list of 6800 words, meaning" " there are 6800^2, or about 46 million possible password. But they can " "only make 20 wrong guesses before OnionShare stops the server, preventing" " brute force attacks against the password." msgstr "" #: ../../source/security.rst:20 msgid "What OnionShare doesn't protect against" msgstr "" #: ../../source/security.rst:22 msgid "" "**Communicating the OnionShare address might not be secure.** The " "OnionShare user is responsible for securely communicating the OnionShare " "address with people. If they send it insecurely (such as through an email" " message, and their email is being monitored by an attacker), the " "eavesdropper will learn that they're using OnionShare. If the attacker " "loads the address in Tor Browser before the legitimate recipient gets to " "it, they can access the service. If this risk fits the user's threat " "model, they must find a more secure way to communicate the address, such " "as in an encrypted email, chat, or voice call. This isn't necessary in " "cases where OnionShare is being used for something that isn't secret." msgstr "" #: ../../source/security.rst:24 msgid "" "**Communicating the OnionShare address might not be anonymous.** While " "OnionShare and Tor Browser allow for anonymity, if the user wishes to " "remain anonymous they must take extra steps to ensure this while " "communicating the OnionShare address. For example, they might need to use" " Tor to create a new anonymous email or chat account, and only access it " "over Tor, to use for sharing the address. This isn't necessary in cases " "where there's no need to protect anonymity, such as co-workers who know " "each other sharing work documents." msgstr ""