Commit ecebc7fb authored by sajolida's avatar sajolida
Browse files

Last edits all over the place!

parent 18b83410
Pipeline #2747 failed with stage
in 3 minutes and 6 seconds
......@@ -3,12 +3,12 @@
<div class="caution">
<p>Tails is safer than a regular operating system. But neither Tails, nor any
<p>Tails is safer than any regular operating system. But neither Tails, nor any
software or operating system can protect you 100% from everything. Even if they
pretend to.</p>
<p>The recommendations and limitations below will keep you even safer,
especially if your use of Tails puts you at high risk.</p>
<p>The recommendations below will keep you even safer,
especially if you are at high risk.</p>
</div>
......
......@@ -10,13 +10,13 @@
</div>
<h2 id="software">Install Tails from a computer you trust</h2>
<h2 id="software">Install Tails from a computer that you trust</h2>
<p>Tails protects you from viruses and malware on your usual
operating system. This is because Tails runs independently from other operating systems.</p>
<p>If you install Tails from a compromised operating system, your
Tails might be corrupted. To reduce that risk:</p>
<p>But your Tails might be corrupted if you install from a compromised
operating system. To reduce that risk:</p>
<ul>
......@@ -47,34 +47,34 @@ installation, but one could be created in the future.</p>
<p>Your computer might be compromised if its physical components have been altered.
For example, if a keylogger has been physically installed on your computer,
your passwords, personal information, and other data typed on your keyboard could
be stored and accessed by someone else, even if youre using Tails.</p>
be stored and accessed by someone else, even if you are using Tails.</p>
<p>Always keep your personal computer in a safe location. Hardware alteration is more likely on public computers
(like those in internet cafés or libraries) and desktop computers, where a device is easier to hide.</p>
<p>Try to keep your computer in a safe location. Hardware alterations are more likely on public computers,
in internet cafés or libraries, and desktop computers, where a device is easier to hide.</p>
<p>If you worry that the computer that you use for Tails might be modified:</p>
<p>If you worry that a computer might be modified:</p>
<ul>
<li><p>Use a [[password manager|doc/encryption_and_privacy/manage_passwords]] to
paste saved passwords. That way, you don't have to type passwords that might
paste saved passwords. This way, you don't have to type passwords that might
be visible to people or cameras near you.</p></li>
<li><p>Use the [[Screen Keyboard|doc/encryption_and_privacy/virtual_keyboard]],
if you are using a public computer or worry that your computer might be
compromised with a keylogger.</p></li>
if you are using a public computer or worry that the computer might have
a keylogger.</p></li>
</ul>
<div class="attack">
<p>Keyloggers are easy to buy and use on desktop computers but not on
<p>Keyloggers are easy to buy and hide on desktop computers but not on
laptops. For an example, see
<a href="https://www.youtube.com/watch?v=6JJo8qCYE8M">KeeLog: KeyGrabber
forensic keylogger getting started</a>.</p>
<p>Other hardware alterations are much more complicated and expensive
to perform. For an example, see
to install. For an example, see
<a href="https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/">Ars
Technica: Photos of an NSA “upgrade” factory show Cisco router getting
implant</a>.</p>
......@@ -85,9 +85,9 @@ implant</a>.</p>
<p>Firmware includes the BIOS or UEFI and other code stored in electronic chips on the computer.
All operating systems, including Tails, depend on firmware to start and run, so no operating system
can protect you from a firmware attack. Like a car depends on the quality of the road it is driving on.</p>
can protect against a firmware attack. Like a car depends on the quality of the road it is driving on.</p>
<p>Keeping your computer physically secure can protect against some firmware
<p>Keeping your computer in a safe location can protect against some firmware
attacks, but some other firmware attacks can be performed remotely.</p>
<div class="attack">
......
......@@ -17,18 +17,17 @@
<ul>
<li><p>JPEG and other image files often contain information about
where a picture was taken and information about the
device used to take the picture.</p></li>
where a picture was taken and which camera was used.</p></li>
<li><p>Files created by word processing software often contain information
<li><p>Office documents often contain information
about the author of the document, and the date and time the document was
created.</p></li>
</ul>
<p>To help you clean metadata from your files, Tails comes with
[[<i>mat2</i>|doc/sensitive_documents/metadata]]</a>, a metadata removal tool
that supports a wide range of commonly used file formats.</p>
<p>To help you clean metadata, Tails includes
[[<i>mat2</i>|doc/sensitive_documents/metadata]]</a>, a tool to remove metadata
in a wide range of file formats.</p>
<div class="attack">
......@@ -43,15 +42,17 @@ Guatemala</a>.</p>
<h2 id="contextual">Use Tails sessions for only one purpose at a time</h2>
<p>If you use Tails sessions for more than one purpose at a time,
an adversary could correlate a relationship between your
activities.</p>
an adversary could link your different
activities together.</p>
<p>For example, if you log into different accounts on the same website in a
single Tails session, the website could determine that the accounts
are used by the same person, since the connections are coming from the same
Tor circuit.</p>
performing your different activities. For example, restart Tails between checking
<p>To prevent an adversary from linking your
activities together while using Tails, restart Tails between
different activities. For example, restart Tails between checking
your work email and your whistleblowing email.</p>
<div class="attack">
......@@ -61,8 +62,8 @@ used Tails for different purposes at a time.</p>
</div>
<p>If you are concerned that the files you have saved in your Persistent
Storage can be used to link your different activities together, you should
consider using a different Tails USB stick for each of your activities.
For example, you can use one Tails USB stick for activism work and one
Tails USB stick for journalism work.</p>
<p>If you worry that the files in your Persistent
Storage could be used to link your activities together,
consider using a different Tails USB stick for each activity.
For example, use one Tails USB stick for your activism work and another one
for your journalism work.</p>
......@@ -4,6 +4,6 @@
your identity:</p>
<ul>
<li>Sharing pictures containing metadata, such as date, time, location, and device information</li>
<li>Sharing files with metadata, such as date, time, location, and device information</li>
<li>Using Tails for more than one purpose at a time</li>
</ul>
......@@ -13,13 +13,13 @@
<h2 id="fingerprint">Tails makes it clear that you are using Tor and probably Tails</h2>
<p>Tor and Tails don't protect you by making you look like any random Internet
user, but by making all Tor and Tails users look the same. Then, it becomes
user, but by making all Tor and Tails users look the same. It becomes
impossible to know who is who among them.</p>
<ul>
<li><p>Your Internet service provider (ISP) or local network can
see when you connect to the Tor network. They still cannot know what sites you visit.
<li><p>Your Internet service provider (ISP) and local network can
see that you connect to the Tor network. They still cannot know what sites you visit.
To hide that you connect to Tor, you can use [[Tor bridges|first_steps/welcome_screen/bridge_mode]].</p></li>
<li><p>The sites that you visit can know that you are using Tor, because the
......@@ -31,7 +31,7 @@ nodes of the Tor network</a> is public.</p></li>
<div class="attack">
<p>Parental controls, Internet service providers, and countries
such as China and Iran can identify and block connections to the Tor
with heavy censorship can identify and block connections to the Tor
network that don't use Tor bridges.</p>
</div>
......@@ -43,11 +43,11 @@ network.</p>
</div>
<h2 id="exit">Tor exit traffic can be eavesdropped</h2>
<h2 id="exit">Exit nodes can intercept traffic to the destination server</h2>
<p>Tor hides your location from destination servers, but it does not encrypt
<i>all</i> your communication. The last relay on a Tor circuit, called the exit node,
establishes the actual connection to destination servers and that last step could be unsecure.</p>
<i>all</i> your communication. The last relay of a Tor circuit, called the <i>exit node</i>,
establishes the actual connection to the destination server. This last step can be unencrypted.</p>
[[!img htw2-tails.png link=no alt="A Tor connection usually goes through 3 relays with the last one establishing the actual connection to the final destination"]]
......@@ -61,7 +61,7 @@ encrypt as much as possible the connection between the exit node and the
destination server.</p></li>
<li><p>Pretend to be the destination server, a technique known as
<i>machine-in-the-middle attack</i> (MitM). That is why you should pay even
<i>machine-in-the-middle</i> attack (MitM). That is why you should pay even
more attention to the security warnings in <i>Tor Browser</i>. If you get such
a warning, try to disconnect and reconnect from your local network to restart
Tor and use a different exit node.</p></li>
......@@ -71,7 +71,7 @@ Tor and use a different exit node.</p></li>
[[!img ssl_warning.png link=no alt="Warning: Potential Security Risk Ahead"]]
<p>To learn more about what information is available to someone observing the different
parts of a Tor circuit, see the interactive infography at
parts of a Tor circuit, see the interactive graphics at
<a href="https://support.torproject.org/https/https-1/">Tor FAQ: Can exit nodes
eavesdrop on communications?</a>.</p>
......@@ -85,11 +85,11 @@ passwords</a>.</p>
</div>
<h2 id="correlation">Adversaries watching both Tor entrance and exit nodes might be able to identify users</h2>
<h2 id="correlation">Adversaries watching both ends of a Tor circuit could deanonymize users</h2>
<p>A powerful adversary, who could analyze the timing and shape of the traffic
entering and exiting the Tor network, might be able to deanonymize Tor users.
These attacks are called <i>end-to-end correlation attacks</i>, because the attacker
These attacks are called <i>end-to-end correlation</i> attacks, because the attacker
has to observe both ends of a Tor circuit at the same time.</p>
<p>No anonymity network that can be used for rapid connections, like browsing
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment