Skip to content

GitLab

T
tails
Commit 90fe0cd6 authored by Tails developers's avatar Tails developers
Browse files
Options

Refresh wiki PO files, add new ones.

parent 4455d515
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 3079 additions and 1329 deletions
wiki/src/doc/encryption_and_privacy.index.de.po
View file @ 90fe0cd6
......@@ -6,7 +6,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2012-07-22 16:32+0300\n"
"POT-Creation-Date: 2012-10-12 20:20+0300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -40,8 +40,9 @@ msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" - Use OpenPGP\n"
" - [[!traillink Encrypt_text_with_a_passphrase_using_gpgApplet|encryption_and_privacy/openpgp_passphrase_encryption]]\n"
" - [[!traillink Encrypt_and_sign_text_with_a_public_key_using_gedit|encryption_and_privacy/openpgp_with_gedit]]\n"
" - [[!traillink Encrypt,_decrypt,_sign,_and_verify_text_using_OpenPGP_and_<span_class=\"application\">Tails_gpgApplet</span>|encryption_and_privacy/gpgapplet]]\n"
" - [[!traillink Encrypt_text_with_a_passphrase|encryption_and_privacy/gpgapplet/passphrase_encryption]]\n"
" - [[!traillink Encrypt_and_sign_text_using_public-key_cryptography|encryption_and_privacy/gpgapplet/public-key_cryptography]]\n"
" - [[!traillink Decrypt_and_verify_text|encryption_and_privacy/gpgapplet/decrypt_verify]]\n"
" - [[!traillink Securely_delete_files_and_clean_diskspace_using_Nautilus_Wipe|encryption_and_privacy/secure_deletion]]\n"
msgstr ""
wiki/src/doc/encryption_and_privacy.index.es.po
View file @ 90fe0cd6
......@@ -6,7 +6,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2012-07-22 16:32+0300\n"
"POT-Creation-Date: 2012-10-12 20:20+0300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -40,8 +40,9 @@ msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" - Use OpenPGP\n"
" - [[!traillink Encrypt_text_with_a_passphrase_using_gpgApplet|encryption_and_privacy/openpgp_passphrase_encryption]]\n"
" - [[!traillink Encrypt_and_sign_text_with_a_public_key_using_gedit|encryption_and_privacy/openpgp_with_gedit]]\n"
" - [[!traillink Encrypt,_decrypt,_sign,_and_verify_text_using_OpenPGP_and_<span_class=\"application\">Tails_gpgApplet</span>|encryption_and_privacy/gpgapplet]]\n"
" - [[!traillink Encrypt_text_with_a_passphrase|encryption_and_privacy/gpgapplet/passphrase_encryption]]\n"
" - [[!traillink Encrypt_and_sign_text_using_public-key_cryptography|encryption_and_privacy/gpgapplet/public-key_cryptography]]\n"
" - [[!traillink Decrypt_and_verify_text|encryption_and_privacy/gpgapplet/decrypt_verify]]\n"
" - [[!traillink Securely_delete_files_and_clean_diskspace_using_Nautilus_Wipe|encryption_and_privacy/secure_deletion]]\n"
msgstr ""
wiki/src/doc/encryption_and_privacy.index.fr.po
View file @ 90fe0cd6
......@@ -6,7 +6,7 @@
msgid ""
msgstr ""
"Project-Id-Version: SACKAGE VERSION\n"
"POT-Creation-Date: 2012-07-22 16:32+0300\n"
"POT-Creation-Date: 2012-10-12 20:20+0300\n"
"PO-Revision-Date: 2012-05-22 16:28+0200\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: SLANGUAGE <LL@li.org>\n"
......@@ -46,21 +46,20 @@ msgid "[[!traillink TrueCrypt|encryption_and_privacy/truecrypt]]"
msgstr "[[!traillink TrueCrypt|encryption_and_privacy/truecrypt]]"
#. type: Plain text
#, fuzzy, no-wrap
#| msgid ""
#| " - Use OpenPGP\n"
#| " - [[!traillink Encrypt_text_with_a_passphrase_using_gpgApplet|encryption_and_privacy/openpgp_passphrase_encryption]]\n"
#| " - [[!traillink Encrypt_and_sign_text_with_a_public_key_using_gedit|encryption_and_privacy/openpgp_with_gedit]]\n"
#| " - [[!traillink Securely_delete_files_and_clean_diskspace_using_Nautilus_Wipe|encryption_and_privacy/secure_deletion]]\n"
msgid ""
" - Use OpenPGP\n"
" - [[!traillink Encrypt_text_with_a_passphrase_using_gpgApplet|"
"encryption_and_privacy/openpgp_passphrase_encryption]]\n"
" - [[!traillink Encrypt_and_sign_text_with_a_public_key_using_gedit|"
"encryption_and_privacy/openpgp_with_gedit]]\n"
" - [[!traillink "
"Securely_delete_files_and_clean_diskspace_using_Nautilus_Wipe|"
"encryption_and_privacy/secure_deletion]]\n"
" - [[!traillink Encrypt,_decrypt,_sign,_and_verify_text_using_OpenPGP_and_<span_class=\"application\">Tails_gpgApplet</span>|encryption_and_privacy/gpgapplet]]\n"
" - [[!traillink Encrypt_text_with_a_passphrase|encryption_and_privacy/gpgapplet/passphrase_encryption]]\n"
" - [[!traillink Encrypt_and_sign_text_using_public-key_cryptography|encryption_and_privacy/gpgapplet/public-key_cryptography]]\n"
" - [[!traillink Decrypt_and_verify_text|encryption_and_privacy/gpgapplet/decrypt_verify]]\n"
" - [[!traillink Securely_delete_files_and_clean_diskspace_using_Nautilus_Wipe|encryption_and_privacy/secure_deletion]]\n"
msgstr ""
" - Utiliser OpenPGP\n"
" - [[!traillink Chiffrer_du_texte_avec_une_phrase_secrète|"
"encryption_and_privacy/openpgp_passphrase_encryption]]\n"
" - [[!traillink Chiffrer_et_signer_du_texte_avec_une_clé_publique_et_gedit|"
"encryption_and_privacy/openpgp_with_gedit]]\n"
" - [[!traillink "
"Effacer_des_fichiers_de_façon_sécurisée_et_nettoyer_l'espace_disque_avec_Nautilus_Wipe|"
"encryption_and_privacy/secure_deletion]]\n"
" - [[!traillink Chiffrer_du_texte_avec_une_phrase_secrète|encryption_and_privacy/openpgp_passphrase_encryption]]\n"
" - [[!traillink Chiffrer_et_signer_du_texte_avec_une_clé_publique_et_gedit|encryption_and_privacy/openpgp_with_gedit]]\n"
" - [[!traillink Effacer_des_fichiers_de_façon_sécurisée_et_nettoyer_l'espace_disque_avec_Nautilus_Wipe|encryption_and_privacy/secure_deletion]]\n"
wiki/src/doc/encryption_and_privacy.index.pt.po
View file @ 90fe0cd6
......@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2012-07-22 16:32+0300\n"
"POT-Creation-Date: 2012-10-12 20:20+0300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -20,36 +20,46 @@ msgstr ""
msgid ""
"[[!traillink Your_data_won't_be_saved_unless_explicitly_asked|"
"encryption_and_privacy/your_data_wont_be_saved_unless_explicitly_asked]]"
msgstr "[[!traillink Seus_dados_não_serão_salvos_a_não_ser_que_você_peça_"
"explicitamente|encryption_and_privacy/your_data_wont_be_saved_unless_explicitly_asked]]"
msgstr ""
"[[!traillink "
"Seus_dados_não_serão_salvos_a_não_ser_que_você_peça_explicitamente|"
"encryption_and_privacy/your_data_wont_be_saved_unless_explicitly_asked]]"
#. type: Bullet: ' - '
msgid ""
"[[!traillink Type_passwords_securely_on_an_untrusted_computer|"
"encryption_and_privacy/virtual_keyboard]]"
msgstr "[[!traillink Digite_senhas_de_forma_segura_em_computadores_não_"
"confiáveis|encryption_and_privacy/virtual_keyboard]]"
msgstr ""
"[[!traillink Digite_senhas_de_forma_segura_em_computadores_não_confiáveis|"
"encryption_and_privacy/virtual_keyboard]]"
#. type: Bullet: ' - '
msgid ""
"[[!traillink Create_and_use_encrypted_volumes|encryption_and_privacy/"
"encrypted_volumes]]"
msgstr "[[!traillink Crie_e_use_volumes_criptografados|encryption_and_privacy/encrypted_volumes]]"
msgstr ""
"[[!traillink Crie_e_use_volumes_criptografados|encryption_and_privacy/"
"encrypted_volumes]]"
#. type: Bullet: ' - '
msgid "[[!traillink TrueCrypt|encryption_and_privacy/truecrypt]]"
msgstr ""
#. type: Plain text
#, no-wrap
#, fuzzy, no-wrap
#| msgid ""
#| " - Use OpenPGP\n"
#| " - [[!traillink Encrypt_text_with_a_passphrase_using_gpgApplet|encryption_and_privacy/openpgp_passphrase_encryption]]\n"
#| " - [[!traillink Encrypt_and_sign_text_with_a_public_key_using_gedit|encryption_and_privacy/openpgp_with_gedit]]\n"
#| " - [[!traillink Securely_delete_files_and_clean_diskspace_using_Nautilus_Wipe|encryption_and_privacy/secure_deletion]]\n"
msgid ""
" - Use OpenPGP\n"
" - [[!traillink Encrypt_text_with_a_passphrase_using_gpgApplet|encryption_and_privacy/openpgp_passphrase_encryption]]\n"
" - [[!traillink Encrypt_and_sign_text_with_a_public_key_using_gedit|encryption_and_privacy/openpgp_with_gedit]]\n"
" - [[!traillink Encrypt,_decrypt,_sign,_and_verify_text_using_OpenPGP_and_<span_class=\"application\">Tails_gpgApplet</span>|encryption_and_privacy/gpgapplet]]\n"
" - [[!traillink Encrypt_text_with_a_passphrase|encryption_and_privacy/gpgapplet/passphrase_encryption]]\n"
" - [[!traillink Encrypt_and_sign_text_using_public-key_cryptography|encryption_and_privacy/gpgapplet/public-key_cryptography]]\n"
" - [[!traillink Decrypt_and_verify_text|encryption_and_privacy/gpgapplet/decrypt_verify]]\n"
" - [[!traillink Securely_delete_files_and_clean_diskspace_using_Nautilus_Wipe|encryption_and_privacy/secure_deletion]]\n"
msgstr ""
" - Use OpenPGP\n"
" - [[!traillink Criptografe_textos_com_uma_senha_usando_o_gpgApplet|encryption_and_privacy/openpgp_passphrase_encryption]]\n"
" - [[!traillink Criptografe_e_assine_textos_com_uma_chave_pública_usando_gedit|encryption_and_privacy/openpgp_with_gedit]]\n"
" - [[!traillink Apague_arquivos_de_forma_segura_e_limpe_o_espaço_em_disco_usando_o_"
"Nautilus_Wipe|encryption_and_privacy/secure_deletion]]\n"
" - [[!traillink Apague_arquivos_de_forma_segura_e_limpe_o_espaço_em_disco_usando_o_Nautilus_Wipe|encryption_and_privacy/secure_deletion]]\n"
wiki/src/doc/encryption_and_privacy/FireGPG_susceptible_to_devastating_attacks.de.po
View file @ 90fe0cd6
......@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2011-12-18 10:38+0100\n"
"POT-Creation-Date: 2012-10-12 20:20+0300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -27,14 +27,24 @@ msgid "**FireGPG is no more shipped in Tails.**\n"
msgstr ""
#. type: Plain text
msgid "You should instead use:"
msgid "You should instead use our custom GPG applet to:"
msgstr ""
#. type: Plain text
#. type: Bullet: ' - '
msgid ""
"[[Encrypt text with a passphrase|encryption_and_privacy/gpgapplet/"
"passphrase_encryption]]"
msgstr ""
#. type: Bullet: ' - '
msgid ""
"[[Encrypt and sign text using public-key cryptography|encryption_and_privacy/"
"gpgapplet/public-key_cryptography]]"
msgstr ""
#. type: Bullet: ' - '
msgid ""
"- our custom GPG applet to [[encrypt text with a passphrase|"
"openpgp_passphrase_encryption]] - the gedit text editor to [[encrypt text "
"with a public key|openpgp_with_gedit]]"
"[[Decrypt and verify text|encryption_and_privacy/gpgapplet/decrypt_verify]]"
msgstr ""
#. type: Plain text
......@@ -52,12 +62,12 @@ msgid ""
"[FireGPG](http://getfirefox.com) is a Firefox addon that allows users to "
"easily perform cryptographic actions on the contents of HTML pages, e.g. to "
"verify signatures appearing as HTML text, or encrypt texts written inside "
"HTML text boxes (i.e. &lt;textarea&gt;). Webmail interfaces commonly use text "
"boxes for email composition, so FireGPG is a natural fit for this use case: "
"the user writes his or her email plaintext in the text box, selects the "
"plaintext and uses one of the \"Encrypt\" or \"Sign and encrypt\" actions "
"available from the FireGPG menu to transform the selection to its encrypted "
"counterpart."
"HTML text boxes (i.e. &lt;textarea&gt;). Webmail interfaces commonly use "
"text boxes for email composition, so FireGPG is a natural fit for this use "
"case: the user writes his or her email plaintext in the text box, selects "
"the plaintext and uses one of the \"Encrypt\" or \"Sign and encrypt\" "
"actions available from the FireGPG menu to transform the selection to its "
"encrypted counterpart."
msgstr ""
#. type: Plain text
......@@ -69,40 +79,41 @@ msgid ""
"every second, thereby leaking the plaintext as it is written, effectively "
"bypassing any subsequent encryption. In fact, many non-malicious webmail "
"services do just that at longer intervals, to save a draft of a message in "
"case the user's browser crashes. The only way that a user can block this type "
"of attack is by completely disabling JavaScript, which is often not "
"desirable. In any case, FireGPG currently does nothing to make users aware of "
"this issue. To the contrary, by making encryption commands easily accessible "
"in the FireGPG context menu, it actively promotes this insecure usage."
"case the user's browser crashes. The only way that a user can block this "
"type of attack is by completely disabling JavaScript, which is often not "
"desirable. In any case, FireGPG currently does nothing to make users aware "
"of this issue. To the contrary, by making encryption commands easily "
"accessible in the FireGPG context menu, it actively promotes this insecure "
"usage."
msgstr ""
#. type: Plain text
msgid ""
"The situation is exactly the same if a user decrypts an OpenPGP block inside "
"a text box: the OpenPGP block is replaced with the plaintext within the text "
"box, so the same script can leak the plaintext when the timer fires less than "
"a second later. Luckily, webmail systems rarely present messages in text "
"boxes (although 'pastebins' often do). It is more common for received email "
"to be displayed as HTML text, and when the user decrypts it, FireGPG will "
"display the plaintext in a separate window that is safely out of reach of "
"JavaScript. FireGPG has an option, `extensions.firegpg."
"box, so the same script can leak the plaintext when the timer fires less "
"than a second later. Luckily, webmail systems rarely present messages in "
"text boxes (although 'pastebins' often do). It is more common for received "
"email to be displayed as HTML text, and when the user decrypts it, FireGPG "
"will display the plaintext in a separate window that is safely out of reach "
"of JavaScript. FireGPG has an option, `extensions.firegpg."
"result_always_in_new_window`, called \"Always display encryption and "
"signature results in a separate window\" in the FireGPG options window, that "
"forces this behaviour when decrypting OpenPGP blocks in text boxes as well, "
"but it is disabled by default. This option, however, does not in any way "
"prevent leaking of plaintext while the user is writing it as described in the "
"previous paragraph."
"prevent leaking of plaintext while the user is writing it as described in "
"the previous paragraph."
msgstr ""
#. type: Plain text
msgid ""
"FireGPG also has three commands to sign (but not encrypt) messages: \"Sign\", "
"\"Wrapped sign\" and \"Clearsign\". Simple JavaScript can replace the "
"contents of the text box when the user selects it, so if the user does not re-"
"read the text after selecting one of the 'sign' commands, the attacker will "
"be able to obtain the user's signature on an arbitrary message. Enabling the "
"`result_always_in_new_window` option does not prevent this attack; only user "
"acuity *may* be able to detect and block it."
"FireGPG also has three commands to sign (but not encrypt) messages: \"Sign"
"\", \"Wrapped sign\" and \"Clearsign\". Simple JavaScript can replace the "
"contents of the text box when the user selects it, so if the user does not "
"re-read the text after selecting one of the 'sign' commands, the attacker "
"will be able to obtain the user's signature on an arbitrary message. "
"Enabling the `result_always_in_new_window` option does not prevent this "
"attack; only user acuity *may* be able to detect and block it."
msgstr ""
#. type: Plain text
......@@ -126,8 +137,8 @@ msgstr ""
#. type: Bullet: '2. '
msgid ""
"FireGPG should explicitly state that the FireGPG Text editor is the only safe "
"place to write plaintext that are to be encrypted and/or signed, or to "
"FireGPG should explicitly state that the FireGPG Text editor is the only "
"safe place to write plaintext that are to be encrypted and/or signed, or to "
"decrypt messages unless the `result_always_in_new_window` option is enabled. "
"Hopefully this will save users that have been misled by FireGPG for years "
"from risking their data again, and make them understand why this new, less "
......@@ -153,14 +164,14 @@ msgstr ""
#. type: Plain text
msgid ""
"After these changes, the only remaining actions in the FireGPG menu will be "
"\"Decrypt\" and \"Verify\". \"Decrypt\" is made safe by change 3, and \"Verify"
"\" is made safe by change 4. It may still be a good idea to remove these "
"actions as well to further promote the use of the FireGPG Text editor for all "
"cryptographic actions. If they are removed, points 3 and 4 above become "
"irrelevant and may be ignored. Per a discussion on #tor-dev and later #tails "
"with rransom and katmagic it came to light that FireGPG may have a few "
"serious security and anonymity issues (katmagic even claimed with \"85%\" "
"certainty that these issues were among the main reasons FireGPG was "
"\"Decrypt\" and \"Verify\". \"Decrypt\" is made safe by change 3, and "
"\"Verify\" is made safe by change 4. It may still be a good idea to remove "
"these actions as well to further promote the use of the FireGPG Text editor "
"for all cryptographic actions. If they are removed, points 3 and 4 above "
"become irrelevant and may be ignored. Per a discussion on #tor-dev and "
"later #tails with rransom and katmagic it came to light that FireGPG may "
"have a few serious security and anonymity issues (katmagic even claimed with "
"\"85%\" certainty that these issues were among the main reasons FireGPG was "
"discontinued):"
msgstr ""
......@@ -219,8 +230,8 @@ msgstr ""
#. type: Bullet: '- '
msgid ""
"[[tor-talk] Tor Browser Bundle: PGP encryption built-in?](http://www.mail-"
"archive.com/tor-talk@lists.torproject.org/msg02105.html)<br/> A thread on the "
"[tor-talk] list adressing the issues of supporting GPG inside a browser."
"archive.com/tor-talk@lists.torproject.org/msg02105.html)<br/> A thread on "
"the [tor-talk] list adressing the issues of supporting GPG inside a browser."
msgstr ""
#. type: Bullet: '- '
......
wiki/src/doc/encryption_and_privacy/FireGPG_susceptible_to_devastating_attacks.es.po
View file @ 90fe0cd6
......@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2011-12-18 10:38+0100\n"
"POT-Creation-Date: 2012-10-12 20:20+0300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -27,14 +27,24 @@ msgid "**FireGPG is no more shipped in Tails.**\n"
msgstr ""
#. type: Plain text
msgid "You should instead use:"
msgid "You should instead use our custom GPG applet to:"
msgstr ""
#. type: Plain text
#. type: Bullet: ' - '
msgid ""
"[[Encrypt text with a passphrase|encryption_and_privacy/gpgapplet/"
"passphrase_encryption]]"
msgstr ""
#. type: Bullet: ' - '
msgid ""
"[[Encrypt and sign text using public-key cryptography|encryption_and_privacy/"
"gpgapplet/public-key_cryptography]]"
msgstr ""
#. type: Bullet: ' - '
msgid ""
"- our custom GPG applet to [[encrypt text with a passphrase|"
"openpgp_passphrase_encryption]] - the gedit text editor to [[encrypt text "
"with a public key|openpgp_with_gedit]]"
"[[Decrypt and verify text|encryption_and_privacy/gpgapplet/decrypt_verify]]"
msgstr ""
#. type: Plain text
......@@ -52,12 +62,12 @@ msgid ""
"[FireGPG](http://getfirefox.com) is a Firefox addon that allows users to "
"easily perform cryptographic actions on the contents of HTML pages, e.g. to "
"verify signatures appearing as HTML text, or encrypt texts written inside "
"HTML text boxes (i.e. &lt;textarea&gt;). Webmail interfaces commonly use text "
"boxes for email composition, so FireGPG is a natural fit for this use case: "
"the user writes his or her email plaintext in the text box, selects the "
"plaintext and uses one of the \"Encrypt\" or \"Sign and encrypt\" actions "
"available from the FireGPG menu to transform the selection to its encrypted "
"counterpart."
"HTML text boxes (i.e. &lt;textarea&gt;). Webmail interfaces commonly use "
"text boxes for email composition, so FireGPG is a natural fit for this use "
"case: the user writes his or her email plaintext in the text box, selects "
"the plaintext and uses one of the \"Encrypt\" or \"Sign and encrypt\" "
"actions available from the FireGPG menu to transform the selection to its "
"encrypted counterpart."
msgstr ""
#. type: Plain text
......@@ -69,40 +79,41 @@ msgid ""
"every second, thereby leaking the plaintext as it is written, effectively "
"bypassing any subsequent encryption. In fact, many non-malicious webmail "
"services do just that at longer intervals, to save a draft of a message in "
"case the user's browser crashes. The only way that a user can block this type "
"of attack is by completely disabling JavaScript, which is often not "
"desirable. In any case, FireGPG currently does nothing to make users aware of "
"this issue. To the contrary, by making encryption commands easily accessible "
"in the FireGPG context menu, it actively promotes this insecure usage."
"case the user's browser crashes. The only way that a user can block this "
"type of attack is by completely disabling JavaScript, which is often not "
"desirable. In any case, FireGPG currently does nothing to make users aware "
"of this issue. To the contrary, by making encryption commands easily "
"accessible in the FireGPG context menu, it actively promotes this insecure "
"usage."
msgstr ""
#. type: Plain text
msgid ""
"The situation is exactly the same if a user decrypts an OpenPGP block inside "
"a text box: the OpenPGP block is replaced with the plaintext within the text "
"box, so the same script can leak the plaintext when the timer fires less than "
"a second later. Luckily, webmail systems rarely present messages in text "
"boxes (although 'pastebins' often do). It is more common for received email "
"to be displayed as HTML text, and when the user decrypts it, FireGPG will "
"display the plaintext in a separate window that is safely out of reach of "
"JavaScript. FireGPG has an option, `extensions.firegpg."
"box, so the same script can leak the plaintext when the timer fires less "
"than a second later. Luckily, webmail systems rarely present messages in "
"text boxes (although 'pastebins' often do). It is more common for received "
"email to be displayed as HTML text, and when the user decrypts it, FireGPG "
"will display the plaintext in a separate window that is safely out of reach "
"of JavaScript. FireGPG has an option, `extensions.firegpg."
"result_always_in_new_window`, called \"Always display encryption and "
"signature results in a separate window\" in the FireGPG options window, that "
"forces this behaviour when decrypting OpenPGP blocks in text boxes as well, "
"but it is disabled by default. This option, however, does not in any way "
"prevent leaking of plaintext while the user is writing it as described in the "
"previous paragraph."
"prevent leaking of plaintext while the user is writing it as described in "
"the previous paragraph."
msgstr ""
#. type: Plain text
msgid ""
"FireGPG also has three commands to sign (but not encrypt) messages: \"Sign\", "
"\"Wrapped sign\" and \"Clearsign\". Simple JavaScript can replace the "
"contents of the text box when the user selects it, so if the user does not re-"
"read the text after selecting one of the 'sign' commands, the attacker will "
"be able to obtain the user's signature on an arbitrary message. Enabling the "
"`result_always_in_new_window` option does not prevent this attack; only user "
"acuity *may* be able to detect and block it."
"FireGPG also has three commands to sign (but not encrypt) messages: \"Sign"
"\", \"Wrapped sign\" and \"Clearsign\". Simple JavaScript can replace the "
"contents of the text box when the user selects it, so if the user does not "
"re-read the text after selecting one of the 'sign' commands, the attacker "
"will be able to obtain the user's signature on an arbitrary message. "
"Enabling the `result_always_in_new_window` option does not prevent this "
"attack; only user acuity *may* be able to detect and block it."
msgstr ""
#. type: Plain text
......@@ -126,8 +137,8 @@ msgstr ""
#. type: Bullet: '2. '
msgid ""
"FireGPG should explicitly state that the FireGPG Text editor is the only safe "
"place to write plaintext that are to be encrypted and/or signed, or to "
"FireGPG should explicitly state that the FireGPG Text editor is the only "
"safe place to write plaintext that are to be encrypted and/or signed, or to "
"decrypt messages unless the `result_always_in_new_window` option is enabled. "
"Hopefully this will save users that have been misled by FireGPG for years "
"from risking their data again, and make them understand why this new, less "
......@@ -153,14 +164,14 @@ msgstr ""
#. type: Plain text
msgid ""
"After these changes, the only remaining actions in the FireGPG menu will be "
"\"Decrypt\" and \"Verify\". \"Decrypt\" is made safe by change 3, and \"Verify"
"\" is made safe by change 4. It may still be a good idea to remove these "
"actions as well to further promote the use of the FireGPG Text editor for all "
"cryptographic actions. If they are removed, points 3 and 4 above become "
"irrelevant and may be ignored. Per a discussion on #tor-dev and later #tails "
"with rransom and katmagic it came to light that FireGPG may have a few "
"serious security and anonymity issues (katmagic even claimed with \"85%\" "
"certainty that these issues were among the main reasons FireGPG was "
"\"Decrypt\" and \"Verify\". \"Decrypt\" is made safe by change 3, and "
"\"Verify\" is made safe by change 4. It may still be a good idea to remove "
"these actions as well to further promote the use of the FireGPG Text editor "
"for all cryptographic actions. If they are removed, points 3 and 4 above "
"become irrelevant and may be ignored. Per a discussion on #tor-dev and "
"later #tails with rransom and katmagic it came to light that FireGPG may "
"have a few serious security and anonymity issues (katmagic even claimed with "
"\"85%\" certainty that these issues were among the main reasons FireGPG was "
"discontinued):"
msgstr ""
......@@ -219,8 +230,8 @@ msgstr ""
#. type: Bullet: '- '
msgid ""
"[[tor-talk] Tor Browser Bundle: PGP encryption built-in?](http://www.mail-"
"archive.com/tor-talk@lists.torproject.org/msg02105.html)<br/> A thread on the "
"[tor-talk] list adressing the issues of supporting GPG inside a browser."
"archive.com/tor-talk@lists.torproject.org/msg02105.html)<br/> A thread on "
"the [tor-talk] list adressing the issues of supporting GPG inside a browser."
msgstr ""
#. type: Bullet: '- '
......
wiki/src/doc/encryption_and_privacy/FireGPG_susceptible_to_devastating_attacks.pt.po
View file @ 90fe0cd6
......@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2012-06-06 23:52+0300\n"
"POT-Creation-Date: 2012-10-12 20:20+0300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -27,14 +27,24 @@ msgid "**FireGPG is no more shipped in Tails.**\n"
msgstr ""
#. type: Plain text
msgid "You should instead use:"
msgid "You should instead use our custom GPG applet to:"
msgstr ""
#. type: Plain text
#. type: Bullet: ' - '
msgid ""
"[[Encrypt text with a passphrase|encryption_and_privacy/gpgapplet/"
"passphrase_encryption]]"
msgstr ""
#. type: Bullet: ' - '
msgid ""
"[[Encrypt and sign text using public-key cryptography|encryption_and_privacy/"
"gpgapplet/public-key_cryptography]]"
msgstr ""
#. type: Bullet: ' - '
msgid ""
"- our custom GPG applet to [[encrypt text with a "
"passphrase|openpgp_passphrase_encryption]] - the gedit text editor to "
"[[encrypt text with a public key|openpgp_with_gedit]]"
"[[Decrypt and verify text|encryption_and_privacy/gpgapplet/decrypt_verify]]"
msgstr ""
#. type: Plain text
......@@ -86,24 +96,24 @@ msgid ""
"text boxes (although 'pastebins' often do). It is more common for received "
"email to be displayed as HTML text, and when the user decrypts it, FireGPG "
"will display the plaintext in a separate window that is safely out of reach "
"of JavaScript. FireGPG has an option, "
"`extensions.firegpg.result_always_in_new_window`, called \"Always display "
"encryption and signature results in a separate window\" in the FireGPG "
"options window, that forces this behaviour when decrypting OpenPGP blocks in "
"text boxes as well, but it is disabled by default. This option, however, "
"does not in any way prevent leaking of plaintext while the user is writing "
"it as described in the previous paragraph."
"of JavaScript. FireGPG has an option, `extensions.firegpg."
"result_always_in_new_window`, called \"Always display encryption and "
"signature results in a separate window\" in the FireGPG options window, that "
"forces this behaviour when decrypting OpenPGP blocks in text boxes as well, "
"but it is disabled by default. This option, however, does not in any way "
"prevent leaking of plaintext while the user is writing it as described in "
"the previous paragraph."
msgstr ""
#. type: Plain text
msgid ""
"FireGPG also has three commands to sign (but not encrypt) messages: "
"\"Sign\", \"Wrapped sign\" and \"Clearsign\". Simple JavaScript can replace "
"the contents of the text box when the user selects it, so if the user does "
"not re-read the text after selecting one of the 'sign' commands, the "
"attacker will be able to obtain the user's signature on an arbitrary "
"message. Enabling the `result_always_in_new_window` option does not prevent "
"this attack; only user acuity *may* be able to detect and block it."
"FireGPG also has three commands to sign (but not encrypt) messages: \"Sign"
"\", \"Wrapped sign\" and \"Clearsign\". Simple JavaScript can replace the "
"contents of the text box when the user selects it, so if the user does not "
"re-read the text after selecting one of the 'sign' commands, the attacker "
"will be able to obtain the user's signature on an arbitrary message. "
"Enabling the `result_always_in_new_window` option does not prevent this "
"attack; only user acuity *may* be able to detect and block it."
msgstr ""
#. type: Plain text
......@@ -112,8 +122,7 @@ msgid ""
"cryptographic actions on the contents of text boxes is fundamentally flawed "
"and unsecurable. FireGPG's current design and interface is training users to "
"act as if the contents of text boxes are private until they are explicitly "
"submitted by the user (e.g. by pressing a \"Submit\"/\"Send\" "
"button). Hence:"
"submitted by the user (e.g. by pressing a \"Submit\"/\"Send\" button). Hence:"
msgstr ""
#. type: Bullet: '1. '
......@@ -130,13 +139,13 @@ msgstr ""
msgid ""
"FireGPG should explicitly state that the FireGPG Text editor is the only "
"safe place to write plaintext that are to be encrypted and/or signed, or to "
"decrypt messages unless the `result_always_in_new_window` option is "
"enabled. Hopefully this will save users that have been misled by FireGPG for "
"years from risking their data again, and make them understand why this new, "
"less convenient, mode of operation is necessary. Otherwise, they may "
"continue writing their plaintext in JavaScript-accessible text boxes, and "
"then copy-and-paste it into the FireGPG Text editor just to encrypt it, "
"instead of writing it there from the start."
"decrypt messages unless the `result_always_in_new_window` option is enabled. "
"Hopefully this will save users that have been misled by FireGPG for years "
"from risking their data again, and make them understand why this new, less "
"convenient, mode of operation is necessary. Otherwise, they may continue "
"writing their plaintext in JavaScript-accessible text boxes, and then copy-"
"and-paste it into the FireGPG Text editor just to encrypt it, instead of "
"writing it there from the start."
msgstr ""
#. type: Bullet: '3. '
......@@ -220,17 +229,15 @@ msgstr ""
#. type: Bullet: '- '
msgid ""
"[[tor-talk] Tor Browser Bundle: PGP encryption "
"built-in?](http://www.mail-archive.com/tor-talk@lists.torproject.org/msg02105.html)<br/> "
"A thread on the [tor-talk] list adressing the issues of supporting GPG "
"inside a browser."
"[[tor-talk] Tor Browser Bundle: PGP encryption built-in?](http://www.mail-"
"archive.com/tor-talk@lists.torproject.org/msg02105.html)<br/> A thread on "
"the [tor-talk] list adressing the issues of supporting GPG inside a browser."
msgstr ""
#. type: Bullet: '- '
msgid ""
"[Spoofing OpenPGP signatures against "
"FireGPG](http://lair.fifthhorseman.net/~dkg/firegpg-audit/spoof/)<br/> "
"Another possible attack on FireGPG."
"[Spoofing OpenPGP signatures against FireGPG](http://lair.fifthhorseman.net/"
"~dkg/firegpg-audit/spoof/)<br/> Another possible attack on FireGPG."
msgstr ""
#. type: Title =
......
wiki/src/doc/encryption_and_privacy/gpgapplet.de.po 0 → 100644
View file @ 90fe0cd6
# SOME DESCRIPTIVE TITLE
# Copyright (C) YEAR Free Software Foundation, Inc.
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2012-10-12 20:20+0300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"