Commit eb00a4ac authored by Tails developers's avatar Tails developers

Merge branch 'master' of ssh://webmasters.boum.org/~/wiki

parents dcccf162 b7d946a8
......@@ -8,10 +8,9 @@ msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2015-01-14 16:01+0100\n"
"PO-Revision-Date: 2014-11-10 17:34+0100\n"
"PO-Revision-Date: 2015-01-18 12:44-0000\n"
"Last-Translator: amnesia <amnesia@boum.org>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
......@@ -586,14 +585,12 @@ msgid "Immediately shut down computer"
msgstr "Éteindre immédiatement l'ordinateur"
#: ../config/chroot_local-includes/usr/share/applications/tor-browser.desktop.in.h:1
#, fuzzy
msgid "Tor Browser"
msgstr "Démarre Tor Browser"
msgstr "Démarre le navigateur Tor"
#: ../config/chroot_local-includes/usr/share/applications/tor-browser.desktop.in.h:2
#, fuzzy
msgid "Anonymous Web Browser"
msgstr "Navigateur Web Non-sécurisé"
msgstr "Navigateur Web Anonyme"
#: ../config/chroot_local-includes/usr/share/applications/unsafe-browser.desktop.in.h:2
msgid "Browse the World Wide Web without anonymity"
......
......@@ -61,8 +61,7 @@ In the folowing scenario:
0. topic branches are named branch T
0. base branches are named branch B
0. Builds are ran on merges which don't raise a conflict, and this is the topic
branch's dev to take care of that.
0. builds are ran on merges which don't raise a conflict. If the merge raises a conflict, then the topic branch's developpes should take care of resolving it.
## Scenario 1 : reviewer
......@@ -76,9 +75,9 @@ In the folowing scenario:
I might want to download the resulting ISO
I might want to get the pkg list
I want the redmine ticket to be notified (optional feature)
Otherwise if it fails I _need_ to see the build logs
And the developer who proposed the merge should be notified
And the ticket shouldn't be reassigned to the branch submitter
Otherwise if it fails the developer who proposed the merge should be notified
And the developper _need_ to see the build logs
And the ticket should be reassigned to the branch submitter
And QA check should be set to `Dev needed`
......@@ -88,15 +87,15 @@ In the folowing scenario:
When I'm working on branch T
Then I need to know if my branch builds after I've pushed
And I need to know if my branch build is broken by something else
possibly weeks after my last commit by e.g Debian changes,
changes in branch B...
possibly weeks after my last commit (by e.g Debian changes,
changes in branch B, ...)
And if the build succeeded
I might want to download the resulting ISO
I might want to get the pkg list
I want the redmine ticket to be notified (optional feature)
Otherwise if it fails I _need_ to see the build logs
And the developer who proposed the merge should be notified
And the ticket shouldn't be reassigned to the branch submitter
And the ticket should be reassigned to the branch submitter
And QA check should be set to `Dev needed`
......@@ -115,7 +114,7 @@ might want to consider it in the future.
## Scenario 1
As a tails developer working on branch B
As a Tails developer working on branch B
When I upload a package to APT suite B
Then I want to know if it broke the build ASAP
......@@ -126,7 +125,7 @@ might want to consider it in the future.
## Scenario 2
As the current RM
When I push new tag T on branch
When I push new tag T on branch B
Then I want the APT suite for tag T to be created
And I want the APT suite B to be copied into the APT suite T
And once this is done, I want a build from the checkout of tag T to be
......@@ -140,3 +139,9 @@ might want to consider it in the future.
When the test suite is ran on the ISO build from my last commit
I want to watch the TV and see the test video in HTML5 from a Torbrowser
## Scenario 4
As a Tails developper
When an ISO is build from my last commit
I want to access it throught remote desktop (VNC/Spice/...) over Tor
......@@ -73,39 +73,40 @@ Grsync is [packaged for debian](https://packages.debian.org/squeeze/grsync).
The documentation for the creation of the encrypted device [[is already written|doc/encryption_and_privacy/encrypted_volumes]].
### Pros
* not that much things to code
* grsync can be easily preconfigurated, eventually with multiple profiles
* this solution separate backup and encryption work
* allows remote backups
### Cons
* seems not really actively developped
* not possible to do incremental backups
* needs a separate encrypted device for backups or reuse the "loopback LUKS"
solution
* does not check if enough space is available on the destination before running
### How to test?
* create an encrypted device.
* install the grsync package.
* paste [those lines](http://dustri.org/p/38e76b) in a .grsync file, then double-click on it.
* paste [those lines](https://paste.debian-facile.org/view/raw/a7a7fe3c) in a `.grsync` file, then double-click on it.
(grsync ask you first to confirm the profile you want to use. Just click on "Open")
* define the destination (i.e your encrypted device)
* test wildly! and please report your results
### Todo
### Pros
* not that much things to code
* grsync can be easily preconfigurated, eventually with multiple profiles
* this solution separates backup and encryption work
* allows remote backups
### Features to request
* grsync should check if enough space is available on the destination before running.
Update: rsync 3.1.0 [introduces](https://rsync.samba.org/ftp/rsync/src/rsync-3.1.0-NEWS) a `--preallocate` option.
(Tails actually ships rsync 3.0.9)
* grsync should ask for confirmation when the option "Delete on the destination" is activated
* when user double-click on a `.grsync` file, a window appears to confirm which file to open. This may be confusing.
### Misc
* some files are normally not readable by rsync (for example persistence.conf, apt/*)
Grsync can bypass that with the option "Run as superuser", we should investigate the consequences of using such an option.
We still have the possibility to ignore those files: we just have then to add `--exclude="apt"` in the preconfiguration file.
* decide if we activate the option `--delete` by default.
* test restoration (see File → Invert source and destination), then at least check files permissions.
* test restoration (see File → Invert source and destination). Then, at least, check files permissions.
* test backup + restoration with symlinks and hardlinks in the Persistent folder.
* eventually test remote backups.
* see the [thread on tails-dev](https://mailman.boum.org/pipermail/tails-dev/2015-January/007931.html)
rdup
----
......
......@@ -23,6 +23,21 @@ Bonus:
* Arch: 1.3.2
* Fedora: 1.3.0 flagged as stable, 1.3.2 in testing
API stability and backwards-compatibility
=========================================
- "all [Docker] containers are backwards compatible, pretty much to
the first version. [...] In general backwards compatibility is a
big deal in the Docker project"
([source](https://news.ycombinator.com/item?id=7985142), shykes
is a Docker developer)
- Apparently the Docker 1.0 release broke older stuff, see e.g. the
0.6 release in
[the jenkins plugin changelog](https://wiki.jenkins-ci.org/display/JENKINS/Docker+Plugin).
- Environment replacement was formalized in Docker 1.3, and the new
behavior ["will be
preserved"](https://docs.docker.com/reference/builder/#environment-replacement).
Random notes
============
......@@ -47,3 +62,55 @@ Random notes
[[dedicated blueprint|blueprint/Linux_containers]].
* [overclockix](https://github.com/mbentley/overclockix) uses
live-build and provides a Dockerfile for easier building.
* overlayfs support was added in Docker 1.4.0; we'll need that when
using Debian Stretch/sid once Linux 3.18 lands in there after
Jessie is released.
Test run
========
(20150120, Debian sid host, `feature/7530-docker` Git branch)
sudo apt --no-install-recommends install docker.io aufs-tools
sudo adduser "$(whoami)" docker
su - "$(whoami)"
make
* `TAILS_BUILD_OPTIONS="noproxy"` => run [apt-cacher-ng in a different
container](https://docs.docker.com/examples/apt-cacher-ng/)
* Even with `--cache false`, some directories (`chroot`, `cache`) are
saved and retrieved from the container upon shutdown; same for
live-config -generated `config/*` files. That's because the current
directory is shared read-write with the container somehow.
This bind-mount should be read-only, but we still need to get the
build artifacts back on the host:
- see [Managing data in
containers](https://docs.docker.com/userguide/dockervolumes/)
- use `VOLUME` to share (read-write) the place where the build
artifacts shall be copied
* We're currently using the `debian:wheezy` template, that likely we
should not trust. How should we build, maintain, publish and use
our own?
* Being in the `docker` group is basically equivalent to having full
root access. Do we want to encourage contributors to do that, or
to run `docker` commands with `sudo`, or to use Docker in
a virtual machine?
* We currently pass `--privileged` to `docker run`. Should we remove
it, and if yes, how?
- According to
<https://docs.docker.com/articles/dockerfile_best-practices/>,
"many of the “essential” packages from the base images will fail
to upgrade inside an unprivileged container". It seems that
the best practice is to publish _and regularly update_ a base
image, so that the most common usecases can avoid the APT upgrade
steps, and then run unprivileged.
* Adding `.git` to the `.dockerignore` file would speed up the build,
but some code in our build process wants to know what branch or
commit we're building from => maybe we could pre-compute this
information, and pass it to the build command in some way?
* What execution environment do we want to support? Only LXC
via libcontainer? Any usecase for e.g. the systemd- or
libvirt-based ones?
* Move more stuff from `Makefile` to `Dockerfile`? E.g. `DOCKER_MOUNT`
could be specified as `VOLUME`. Can we specify the build command as
`CMD`?
......@@ -11,9 +11,10 @@ Goals of our Vagrant thing
2. Improve consistency between our various ways of building Tails ISOs
(Tails developers currently use at least 3 different build setups,
and our auto-builder yet another one).
3. Ideally, our "easy build" instructions should work at least on:
3. Our "easy build" instructions must work at least on:
- Debian stable + backports
- Debian testing
4. Ideally, our "easy build" instructions should also work at least on:
- latest Ubuntu LTS
- latest Ubuntu non-LTS
......@@ -38,7 +39,7 @@ What we have
- retrieve the build artifacts from the build VM onto the host system
* Vagrant hasn't been actively maintained in Debian for a while.
It'll likely be part of Jessie, but that's by a very short margin.
It'll be part of Jessie, but that was by a very short margin.
* VirtualBox vs. QEMU/KVM:
- One can't run both VirtualBox and QEMU/KVM on the same system.
......
[[!toc levels=2]]
Related pages
=============
* [[!tails_ticket 5525]]
* [[blueprint/Mandatory_Access_Control]]
* [[contribute/design/application_isolation]]
Status
======
## automated test passes
(needs to be run again with current status of the branch at some point)
* feature/i2p (unconfined)
* feature/torified_browsing
* feature/unsafe_browser (unconfined)
* feature/windows_camouflage
* open `https://` URL from Pidgin
* relevant bits of feature/usb_install
- view persistent bookmarks, in read-only persistence mode ([[!tails_ticket 8787]])
- persistent bookmarks, RW
## manual test OK
(needs to be tested again with current status of the branch at some point)
* add NoScript exception
* change stuff in about:prefs
* manually update AdBlock Plus lists
* add a bookmark, with persistent bookmarks feature enabled, in
read-only persistence mode
## manual test OK, maybe needs automated test
* download to non-persistent ~/Downloads
* YouTube audio and video playback
* non-YouTube HTML5 video playback
* "Tails documentation" link on the Desktop ([[!tails_ticket 8788]])
## broken
## needs testing
* download to persistent ~/Downloads, in read-write persistence mode
* download to persistent ~/Downloads, in read-only persistence mode
* upload from non-persistent ~/Downloads
* upload from persistent ~/Downloads, in read-write persistence mode
* upload from persistent ~/Downloads, in read-only persistence mode
* import OpenPGP key from website (if supported in 1.2.3)
* click email address on a website (if supported in 1.2.3)
* install a Firefox add-on (this does not mean we actively support that, right? :)
User experience matters
=======================
Downloading files
-----------------
Tor Browser will be allowed to save files in
`/home/amnesia/Downloads/` only.
doc++: where to download, how to upload
Usability issue: if not enough space in RAM for hosting ~/Downloads/
* added a persistence setting for Downloads
* added a GNOME bookmark called "Downloads" when the Downloads
persistence feature is enabled; remaining questions:
- Rename this bookmark "Persistent Downloads"? But then users may
lose data by mistake when they use read-only persistence option.
OTOH, we have had a "Persistent" bookmark for years, even in
read-only persistence mode, and nobody complains.
- Rename this persistent directory and the corresponding bookmark to
include the "Uploading files" use case? (see below)
Uploading files
---------------
Basically the same problem as for downloading files. Is it better to
share a common whitelisted directory, or to add a different one to
the whitelist?
Document that one should put files in the `/home/amnesia/Downloads`
folder before uploading them, and make sure that it's the folder
selected by default when clicking a "Browse" upload button on
a website?
......@@ -20,7 +20,7 @@ msgstr ""
#, no-wrap
#| msgid "[[!meta title=\"bugs\"]]"
msgid "[[!meta title=\"Bugs\"]]\n"
msgstr "[[!meta title=\"Bugs\"]]"
msgstr "[[!meta title=\"Bugs\"]]\n"
#. type: Plain text
#| msgid ""
......
......@@ -2,6 +2,13 @@
[[!toc levels=2]]
Git repository and branches
===========================
You will need to clone the Tails Git repository, and to checkout the
branch that you want to build (most likely, _not_ `master`): learn
more about [[our Git branches layout|contribute/git#main-repo]].
<a id="vagrant"></a>
Using Vagrant
......
......@@ -2,9 +2,28 @@
* 2015-02-03: [[Monthly meeting|contribute/meetings]]
* 2015-03-12: [[Low-hanging fruits session|contribute/low-hanging_fruit_sessions]]
* 2015-02-24: Release 1.3. anonym is [[contribute/working_together/roles/release_manager]]
* 2015-02-11:
- Feature freeze for Tails 1.3.
- Translation window starts for Tails 1.3.
- Build and upload Tails 1.3~rc1 ISO image and IUKs.
- Start testing Tails 1.3~rc1 during late CET?
* 2015-02-12:
- Finish testing Tails 1.3~rc1 by the afternoon, CET.
- Release Tails 1.3~rc1 during late CET.
* 2015-02-12: [[Low-hanging fruits session|contribute/low-hanging_fruit_sessions]]
* 2015-02-23:
- All translations and bug fixes targeting Tails 1.3 must be merged
into the 'testing' branch.
- Tor Browser 4.x, based on Firefox 31.5.0esr is *hopefully* out.
- Build and upload Tails 1.3 ISO image and IUKs.
- Start testing Tails 1.3 during late CET?
* 2015-02-24:
- Finish testing Tails 1.3 by the afternoon, CET.
- Release Tails 1.3 during late CET.
* 2015-03-03: [[Monthly meeting|contribute/meetings]]
......
......@@ -577,6 +577,15 @@ Both with the old and new Tails upgrade systems, mounting such an
attack requires either to take control of the Tails website or to
break the SSL/TLS connection between the client and the server.
This attack is slightly mitigated by the fact that we are announcing
new releases in other ways:
* one that does not rely on our website at all (Twitter);
* one that does not rely on our website to be safe at the time Tails
Upgrader checks for available upgrades, as long as it was safe at
the time the new release was published (<amnesia-news@boum.org>
announce mailing-list).
The move to a secure upgrade system, such as TUF, would make this
stronger, thanks to short-lived signatures on meta-data.
......@@ -599,6 +608,10 @@ The upgrade-description files downloader and verifier could refuse to
download upgrade-description files bigger than some reasonable
constant, but this is not implemented yet.
This attack, when performed against the upgrade-description files
downloader and verifier is slightly mitigated in the same way as
"Indefinite freeze attacks" are.
### Slow retrieval attacks
> An attacker responds to clients with a very slow stream of data that
......
......@@ -78,6 +78,8 @@ Creating a new repository
Repositories
============
<a id="main-repo"></a>
Main repository
---------------
......
......@@ -40,20 +40,22 @@ up/down, you can add those lines in .vimrc:
Check the validity of PO files
==============================
Use the tool [i18nspector](http://jwilk.net/software/i18nspector).
To copy, install and run it issue the following commands in the folder where
you want to download it:
To check the validity of PO files, install [i18nspector](http://jwilk.net/software/i18nspector)
by running the following command line, as root:
apt-get install i18nspector/unstable
You can then check a single file:
i18nspector <PO file>
Run i18nspector on the whole wiki
=================================
or the whole wiki:
cd wiki/src
contribute/l10n_tricks/check_po.sh
You can get an explaination of each error message on the [[following documentation|https://readthedocs.org/projects/i18nspector/downloads/pdf/latest/]]
Rewrap files
============
......
......@@ -37,6 +37,7 @@ no-package-name-in-project-id-version
no-plural-forms-header-field
no-report-msgid-bugs-to-header-field
no-version-in-project-id-version
stray-previous-msgid
unable-to-determine-language
unknown-poedit-language
" | grep -v '^$' > "$PATTERNS_FILE"
......
......@@ -787,6 +787,15 @@ Tor weekly news
Write a short announcement for the Tor weekly news, or find someone
who's happy to do it.
Amnesia news
------------
The release notes should have been automatically sent to
`amensia-news@` (thanks to the `announce` flag) but it will be stuck
in the moderation
queue. [Log in](https://mailman.boum.org/admindb/amnesia-news) and
accept it.
Prepare for the next release
============================
......
......@@ -574,6 +574,11 @@ Enable Windows camouflage via the Tails Greeter checkbox and:
# Documentation
* The "Tails documentation" desktop launcher should open the
[[getting started]] page (automate: [[!tails_ticket 8788]]):
- in English
- in one language to which the website is translated
- in one language to which the website is not translated (=> English)
* Browse around in the documentation shipped in the image. Internal
links should be fine.
......
......@@ -22,6 +22,9 @@
* Create a ticket for the release your shift is about, so that we
update the CA bundle that's used by Tails Upgrader and the
security check.
- Check when our OpenPGP signing key expires.
If that's before, or soon after, the scheduled date for the release
_after_ the one your shift is about, then shout.
## Around two weeks before the freeze
......
......@@ -7,10 +7,9 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2014-12-02 16:30+0100\n"
"PO-Revision-Date: 2014-10-09 16:12-0000\n"
"PO-Revision-Date: 2015-01-18 11:01-0000\n"
"Last-Translator: \n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
......@@ -104,7 +103,7 @@ msgstr ""
" - l'interface graphique [Vidalia](https://www.torproject.org/projects/vidalia)\n"
"* [NetworkManager](http://projects.gnome.org/NetworkManager/) pour une\n"
" configuration réseau simple\n"
"* Le [Tor Browser](https://www.torproject.org/projects/torbrowser.html.en), un navigateur\n"
"* Le [navigateur Tor](https://www.torproject.org/projects/torbrowser.html.en), un navigateur\n"
" web basé sur [Mozilla Firefox](http://getfirefox.com) et modifié pour protéger votre anonymat, avec :\n"
" - [Torbutton](https://www.torproject.org/torbutton) pour\n"
" l'anonymat et la protection contre JavaScript\n"
......
......@@ -7,10 +7,9 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2014-10-15 18:40+0300\n"
"PO-Revision-Date: 2014-05-10 20:53-0000\n"
"PO-Revision-Date: 2015-01-18 11:05-0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
......@@ -47,8 +46,8 @@ msgstr ""
"[[Comme expliqué sur notre page d'avertissements|warning#fingerprint]], en utilisant Tails\n"
"il est possible de savoir que vous utilisez Tor. Mais Tails essaye de rendre\n"
"**aussi difficile que possible de distinguer les utilisateurs de Tails de ceux de Tor**,\n"
"en particulier des personnes utilisant le <span class=\"application\">Tor Browser</span> en dehors de Tails.\n"
"La possibilité de savoir si vous êtes un utilisateur du <span class=\"application\">Tor Browser</span> dans Tails\n"
"en particulier des personnes utilisant le <span class=\"application\">navigateur Tor</span> en dehors de Tails.\n"
"La possibilité de savoir si vous êtes un utilisateur du <span class=\"application\">navigateur Tor</span> dans Tails\n"
"ou en dehors fournit plus d'informations sur vous et diminue d'autant plus votre\n"
"anonymat.\n"
......@@ -86,7 +85,7 @@ msgid ""
"order to have similar fingerprints.\n"
msgstr ""
"Pour rendre difficile de distinguer un utilisateur de Tails,\n"
"**le <span class=\"application\">Tor Browser</span> inclus dans Tails essaye de révéler des informations identiques à un <span class=\"application\">Tor Browser</span> utilisé sur un autre système d'exploitation**\n"
"**le <span class=\"application\">navigateur Tor</span> inclus dans Tails essaye de révéler des informations identiques à un <span class=\"application\">navigateur Tor</span> utilisé sur un autre système d'exploitation**\n"
"afin d'avoir des empreintes similaires.\n"
#. type: Plain text
......@@ -99,7 +98,7 @@ msgid ""
msgstr ""
"Voir la [[section empreinte des problèmes connus|support/known_issues#fingerprint]]\n"
"pour une liste des différences connues entre l'empreinte du navigateur\n"
"<span class=\"application\">Tor Browser</span> dans Tails et en dehors.\n"
"<span class=\"application\">navigateur Tor</span> dans Tails et en dehors.\n"
#. type: Plain text
#, no-wrap
......@@ -109,7 +108,7 @@ msgid ""
"specific to Tails**. More sophisticated\n"
"attacks can use those differences to distinguish Tails users.\n"
msgstr ""
"En plus de cela, **quelques extensions inclues dans le <span class=\"application\">Tor Browser</span> de Tails sont spécifiques à Tails*.\n"
"En plus de cela, **quelques extensions inclues dans le <span class=\"application\">navigateur Tor</span> de Tails sont spécifiques à Tails*.\n"
"Des attaques plus sophistiquées peuvent utiliser ces différences pour distinguer\n"
"les utilisateurs de Tails.\n"
......@@ -175,13 +174,13 @@ msgid ""
"generating only Tor traffic and so maybe using Tails."
msgstr ""
"Un système Tails ne **génère quasiment que du trafic Tor** sur le réseau. "
"Habituellement les utilisateurs du <span class=\"application\">Tor Browser</"
"span> ont également du trafic hors de Tor, que ce soit à travers un autre "
"navigateur web ou d'autres applications. Ce qui fait que la proportion de "
"trafic via Tor pourrait être utilisée pour savoir si un utilisateur du <span "
"class=\"application\">Tor Browser</span> utilise Tails ou non. Si vous "
"partagez une connexion Internet avec d'autres personnes qui n'utilisent pas "
"Tails, il est probablement plus difficile pour votre FAI de savoir si un "
"Habituellement les utilisateurs du <span class=\"application\">navigateur "
"Tor</span> ont également du trafic hors de Tor, que ce soit à travers un "
"autre navigateur web ou d'autres applications. Ce qui fait que la proportion "
"de trafic via Tor pourrait être utilisée pour savoir si un utilisateur du "
"<span class=\"application\">navigateur Tor</span> utilise Tails ou non. Si "
"vous partagez une connexion Internet avec d'autres personnes qui n'utilisent "
"pas Tails, il est probablement plus difficile pour votre FAI de savoir si un "
"utilisateur génère seulement du trafic Tor ou s'il utilise Tails."
#. type: Bullet: ' - '
......
......@@ -7,10 +7,9 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2014-06-08 19:38+0300\n"
"PO-Revision-Date: 2014-05-11 13:35-0000\n"
"PO-Revision-Date: 2015-01-18 11:06-0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
......@@ -181,7 +180,7 @@ msgstr ""
"Tails est un système d'exploitation complet qui utilise Tor en tant qu'application\n"
"réseau par défaut. The Tor Project recommande l'utilisation de Tails pour les cas\n"
"d'usages non pris en compte par leurs propres projets (par exemple le\n"