Mike Perry commited on 2011-12-25 02:10:12
Zeige 2 geänderte Dateien mit 106 Einfügungen und 100 Löschungen.
... | ... |
@@ -153,13 +153,14 @@ you are used to. </p> |
153 | 153 |
|
154 | 154 |
<p> |
155 | 155 |
|
156 |
-Tor only protects Internet applications that are configured to send their |
|
157 |
-traffic through Tor — it doesn't magically anonymize all of your traffic |
|
158 |
-just because you install it. We strongly recommend you use the <a href="<page |
|
159 |
-projects/torbrowser>">Tor Browser Bundle</a>. It is pre-configured to protect |
|
160 |
-your privacy and anonymity on the web as long as you're browsing with Tor |
|
156 |
+Tor does not protect all of your computer's Internet traffic when you |
|
157 |
+run it. Tor only protects your applications that are properly configured to |
|
158 |
+send their Internet traffic through Tor. To avoid problems with Tor |
|
159 |
+configuration, we strongly recommend you use the |
|
160 |
+<a href="<page projects/torbrowser>">Tor Browser Bundle</a>. It is pre-configured to protect |
|
161 |
+your privacy and anonymity on the web as long as you're browsing with the Tor |
|
161 | 162 |
Browser itself. Almost any other web browser configuration is likely to be |
162 |
-unsafe. |
|
163 |
+unsafe to use with Tor. |
|
163 | 164 |
|
164 | 165 |
</p> |
165 | 166 |
|
... | ... |
@@ -169,17 +170,14 @@ unsafe. |
169 | 170 |
|
170 | 171 |
<p> |
171 | 172 |
|
172 |
-The Tor Browser will block browser plugins such as Java, Flash, ActiveX, |
|
173 |
-RealPlayer, Quicktime, Adobe's PDF plugin, and others: they can be manipulated |
|
174 |
-into revealing your IP address. Similarly, we do not recommend installing |
|
175 |
-additional addons or plugins into the Tor Browser, as these may bypass Tor or |
|
176 |
-otherwise impede your anonymity. This means Youtube is disabled by default. |
|
177 |
-Youtube provides an experimental |
|
178 |
-<a href="https://www.youtube.com/html5">non-Flash HTML5 mode</a> that works for |
|
179 |
-many videos, but you must visit that link to opt-in manually. Youtube's |
|
180 |
-support for the HTML5 feature is buggy and incomplete, so we are also working |
|
181 |
-to provide a safe way to temporarily enable Flash in future Tor Browser |
|
182 |
-versions. |
|
173 |
+The Tor Browser will block browser plugins such as Flash, RealPlayer, |
|
174 |
+Quicktime, and others: they can be manipulated into revealing your IP address. |
|
175 |
+Similarly, we do not recommend installing additional addons or plugins into |
|
176 |
+the Tor Browser, as these may bypass Tor or otherwise harm your anonymity and |
|
177 |
+privacy. The lack of plugins means that Youtube videos are blocked by default, |
|
178 |
+but Youtube does provide an experimental opt-in feature |
|
179 |
+<a href="https://www.youtube.com/html5">(enable it here)</a> that works for some |
|
180 |
+videos. |
|
183 | 181 |
|
184 | 182 |
</p> |
185 | 183 |
|
... | ... |
@@ -188,18 +186,20 @@ versions. |
188 | 186 |
<li><b>Use HTTPS versions of websites</b> |
189 | 187 |
|
190 | 188 |
<p> |
191 |
-Tor anonymizes the origin of your traffic, and it encrypts everything between |
|
192 |
-you and the Tor network and everything inside the Tor network, but |
|
193 |
-<a href="<wikifaq>#SoImtotallyanonymousifIuseTor">it can't encrypt your traffic |
|
194 |
-between the Tor network and its final destination.</a> To help ensure |
|
195 |
-privacy for the last leg, the Tor Browser Bundle includes |
|
196 |
-<a href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> to force |
|
197 |
-the use of HTTPS with a number of major websites, but you should still |
|
198 |
-watch the browser URL bar to ensure that websites you provide sensitive information |
|
199 |
-to display a |
|
189 |
+ |
|
190 |
+Tor will encrypt your traffic |
|
191 |
+<a href="https://www.torproject.org/about/overview.html.en#thesolution">to and |
|
192 |
+within the Tor network</a>, but the encryption of your traffic to the final |
|
193 |
+destination website depends upon on that website. To help ensure private |
|
194 |
+encryption to websites, the Tor Browser Bundle includes <a |
|
195 |
+href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> to force the |
|
196 |
+use of HTTPS encryption with major websites that support it. However, you |
|
197 |
+should still watch the browser URL bar to ensure that websites you provide |
|
198 |
+sensitive information to display a |
|
200 | 199 |
<a href="https://support.mozilla.com/en-US/kb/Site%20Identity%20Button">blue or |
201 |
-green validation</a>, include <b>https://</b> in the URL bar, |
|
202 |
-and display the proper name for the current website. |
|
200 |
+green URL bar button</a>, include <b>https://</b> in the URL, and display the |
|
201 |
+proper expected name for the website. |
|
202 |
+ |
|
203 | 203 |
</p> |
204 | 204 |
|
205 | 205 |
</li> |
... | ... |
@@ -208,20 +208,19 @@ and display the proper name for the current website. |
208 | 208 |
|
209 | 209 |
<p> |
210 | 210 |
|
211 |
-The Tor Browser will warn you before automatically opening documents |
|
212 |
-that are handled by external applications. <b>DO NOT IGNORE THIS WARNING</b>. |
|
213 |
-You should be very careful when downloading documents via Tor (especially DOC |
|
214 |
-and PDF files) as these documents can contain Internet resources that will be |
|
215 |
-downloaded outside of Tor by the application that opens them. These documents |
|
216 |
-can be modified by malicious exit nodes, or by a website that is trying to trick |
|
217 |
-you into revealing your non-Tor IP address. If you must work with DOC and/or |
|
218 |
-PDF files, we strongly recommend using a disconnected computer, a |
|
219 |
-<a href="https://www.virtualbox.org/">VirtualBox</a> free |
|
220 |
-<a href="http://virtualboxes.org/">image</a> with networking disabled, or |
|
221 |
-<a href="http://tails.boum.org/">Tails</a>. Under no circumstances is it safe to |
|
222 |
-use <a |
|
223 |
-href="https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea">BitTorrent |
|
224 |
-and Tor</a> together. |
|
211 |
+The Tor Browser will warn you before automatically opening documents that are |
|
212 |
+handled by external applications. <b>DO NOT IGNORE THIS WARNING</b>. You |
|
213 |
+should be very careful when downloading documents via Tor (especially DOC and |
|
214 |
+PDF files) as these documents can contain Internet resources that will be |
|
215 |
+downloaded outside of Tor by the application that opens them. This will reveal |
|
216 |
+your non-Tor IP address. If you must work with DOC and/or PDF files, we |
|
217 |
+strongly recommend either using a disconnected computer, |
|
218 |
+downloading the free <a href="https://www.virtualbox.org/">VirtualBox</a> and |
|
219 |
+using it with a <a href="http://virtualboxes.org/">virtual machine image</a> |
|
220 |
+with networking disabled, or using <a href="http://tails.boum.org/">Tails</a>. |
|
221 |
+Under no circumstances is it safe to use |
|
222 |
+<a href="https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea">BitTorrent |
|
223 |
+and Tor</a> together, however. |
|
225 | 224 |
|
226 | 225 |
</p> |
227 | 226 |
|
... | ... |
@@ -230,14 +229,18 @@ and Tor</a> together. |
230 | 229 |
<li><b>Use bridges and/or find company</b> |
231 | 230 |
|
232 | 231 |
<p> |
233 |
-Tor tries to prevent attackers from learning what destinations you connect |
|
234 |
-to. It doesn't prevent somebody watching your traffic from learning that |
|
235 |
-you're using Tor. You can mitigate (but not fully resolve) the risk |
|
236 |
-by using a <a href="<page docs/bridges>">Tor bridge relay</a> rather than |
|
237 |
-connecting directly to the public Tor network, but ultimately the best |
|
238 |
-protection here is a social approach: the more Tor users there are near |
|
239 |
-you and the more <a href="<page about/torusers>">diverse</a> their interests, |
|
240 |
-the less dangerous it will be that you are one of them. |
|
232 |
+ |
|
233 |
+Tor tries to prevent attackers from learning what destination websites you |
|
234 |
+connect to. However, by default, it does not prevent somebody watching your Internet |
|
235 |
+traffic from learning that you're using Tor. If this matters to you, you can |
|
236 |
+reduce this risk by configuring Tor to use a <a href="<page docs/bridges>">Tor |
|
237 |
+bridge relay</a> rather than connecting directly to the public Tor network. |
|
238 |
+Ultimately the best protection is a social approach: the more Tor |
|
239 |
+users there are near you and the more |
|
240 |
+<a href="<page about/torusers>">diverse</a> their interests, the less |
|
241 |
+dangerous it will be that you are one of them. Convince other people to use |
|
242 |
+Tor, too! |
|
243 |
+ |
|
241 | 244 |
</p> |
242 | 245 |
|
243 | 246 |
</li> |
... | ... |
@@ -290,13 +290,14 @@ you are used to.</p> |
290 | 290 |
|
291 | 291 |
<p> |
292 | 292 |
|
293 |
-Tor only protects Internet applications that are configured to send their |
|
294 |
-traffic through Tor — it doesn't magically anonymize all of your traffic |
|
295 |
-just because you install it. We strongly recommend you use the <a href="<page |
|
296 |
-projects/torbrowser>">Tor Browser Bundle</a>. It is pre-configured to protect |
|
297 |
-your privacy and anonymity on the web as long as you're browsing with Tor |
|
293 |
+Tor does not protect all of your computer's Internet traffic when you |
|
294 |
+run it. Tor only protects your applications that are properly configured to |
|
295 |
+send their Internet traffic through Tor. To avoid problems with Tor |
|
296 |
+configuration, we strongly recommend you use the |
|
297 |
+<a href="<page projects/torbrowser>">Tor Browser Bundle</a>. It is pre-configured to protect |
|
298 |
+your privacy and anonymity on the web as long as you're browsing with the Tor |
|
298 | 299 |
Browser itself. Almost any other web browser configuration is likely to be |
299 |
-unsafe. |
|
300 |
+unsafe to use with Tor. |
|
300 | 301 |
|
301 | 302 |
</p> |
302 | 303 |
|
... | ... |
@@ -306,17 +307,14 @@ unsafe. |
306 | 307 |
|
307 | 308 |
<p> |
308 | 309 |
|
309 |
-The Tor Browser will block browser plugins such as Java, Flash, ActiveX, |
|
310 |
-RealPlayer, Quicktime, Adobe's PDF plugin, and others: they can be manipulated |
|
311 |
-into revealing your IP address. Similarly, we do not recommend installing |
|
312 |
-additional addons or plugins into the Tor Browser, as these may bypass Tor or |
|
313 |
-otherwise impede your anonymity. This means Youtube is disabled by default. |
|
314 |
-Youtube provides an experimental |
|
315 |
-<a href="https://www.youtube.com/html5">non-Flash HTML5 mode</a> that works for |
|
316 |
-many videos, but you you must visit that link opt-in manually. Youtube's |
|
317 |
-support for the HTML5 feature is buggy and incomplete, so we are also working |
|
318 |
-to provide a safe way to temporarily enable Flash in future Tor Browser |
|
319 |
-versions. |
|
310 |
+The Tor Browser will block browser plugins such as Flash, RealPlayer, |
|
311 |
+Quicktime, and others: they can be manipulated into revealing your IP address. |
|
312 |
+Similarly, we do not recommend installing additional addons or plugins into |
|
313 |
+the Tor Browser, as these may bypass Tor or otherwise harm your anonymity and |
|
314 |
+privacy. The lack of plugins means that Youtube videos are blocked by default, |
|
315 |
+but Youtube does provide an experimental opt-in feature |
|
316 |
+<a href="https://www.youtube.com/html5">(enable it here)</a> that works for some |
|
317 |
+videos. |
|
320 | 318 |
|
321 | 319 |
</p> |
322 | 320 |
|
... | ... |
@@ -325,18 +323,20 @@ versions. |
325 | 323 |
<li><b>Use HTTPS versions of websites</b> |
326 | 324 |
|
327 | 325 |
<p> |
328 |
-Tor anonymizes the origin of your traffic, and it encrypts everything between |
|
329 |
-you and the Tor network and everything inside the Tor network, but |
|
330 |
-<a href="<wikifaq>#SoImtotallyanonymousifIuseTor">it can't encrypt your traffic |
|
331 |
-between the Tor network and its final destination.</a> To help ensure |
|
332 |
-privacy for the last leg, the Tor Browser Bundle includes |
|
333 |
-<a href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> to force |
|
334 |
-the use of HTTPS with a number of major websites, but you should still |
|
335 |
-watch the browser URL bar to ensure that websites you provide sensitive information |
|
336 |
-to display a |
|
326 |
+ |
|
327 |
+Tor will encrypt your traffic |
|
328 |
+<a href="https://www.torproject.org/about/overview.html.en#thesolution">to and |
|
329 |
+within the Tor network</a>, but the encryption of your traffic to the final |
|
330 |
+destination website depends upon on that website. To help ensure private |
|
331 |
+encryption to websites, the Tor Browser Bundle includes <a |
|
332 |
+href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> to force the |
|
333 |
+use of HTTPS encryption with major websites that support it. However, you |
|
334 |
+should still watch the browser URL bar to ensure that websites you provide |
|
335 |
+sensitive information to display a |
|
337 | 336 |
<a href="https://support.mozilla.com/en-US/kb/Site%20Identity%20Button">blue or |
338 |
-green validation</a>, include <b>https://</b> in the URL bar, |
|
339 |
-and display the proper name for the current website. |
|
337 |
+green URL bar button</a>, include <b>https://</b> in the URL, and display the |
|
338 |
+proper expected name for the website. |
|
339 |
+ |
|
340 | 340 |
</p> |
341 | 341 |
|
342 | 342 |
</li> |
... | ... |
@@ -345,20 +345,19 @@ and display the proper name for the current website. |
345 | 345 |
|
346 | 346 |
<p> |
347 | 347 |
|
348 |
-The Tor Browser will warn you before automatically opening documents |
|
349 |
-that are handled by external applications. <b>DO NOT IGNORE THIS WARNING</b>. |
|
350 |
-You should be very careful when downloading documents via Tor (especially DOC |
|
351 |
-and PDF files) as these documents can contain Internet resources that will be |
|
352 |
-downloaded outside of Tor by the application that opens them. These documents |
|
353 |
-can be modified by malicious exit nodes, or by a website who is trying to trick |
|
354 |
-you into revealing your non-Tor IP address. If you must work with DOC and/or |
|
355 |
-PDF files, we strongly recommend using a disconnected computer, a |
|
356 |
-<a href="https://www.virtualbox.org/">VirtualBox</a> free |
|
357 |
-<a href="http://virtualboxes.org/">image</a> with networking disabled, or |
|
358 |
-<a href="http://tails.boum.org/">Tails</a>. Under no circumstances is it safe to |
|
359 |
-use <a |
|
360 |
-href="https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea">BitTorrent |
|
361 |
-and Tor</a> together. |
|
348 |
+The Tor Browser will warn you before automatically opening documents that are |
|
349 |
+handled by external applications. <b>DO NOT IGNORE THIS WARNING</b>. You |
|
350 |
+should be very careful when downloading documents via Tor (especially DOC and |
|
351 |
+PDF files) as these documents can contain Internet resources that will be |
|
352 |
+downloaded outside of Tor by the application that opens them. This will reveal |
|
353 |
+your non-Tor IP address. If you must work with DOC and/or PDF files, we |
|
354 |
+strongly recommend either using a disconnected computer, |
|
355 |
+downloading the free <a href="https://www.virtualbox.org/">VirtualBox</a> and |
|
356 |
+using it with a <a href="http://virtualboxes.org/">virtual machine image</a> |
|
357 |
+with networking disabled, or using <a href="http://tails.boum.org/">Tails</a>. |
|
358 |
+Under no circumstances is it safe to use |
|
359 |
+<a href="https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea">BitTorrent |
|
360 |
+and Tor</a> together, however. |
|
362 | 361 |
|
363 | 362 |
</p> |
364 | 363 |
|
... | ... |
@@ -367,14 +366,18 @@ and Tor</a> together. |
367 | 366 |
<li><b>Use bridges and/or find company</b> |
368 | 367 |
|
369 | 368 |
<p> |
370 |
-Tor tries to prevent attackers from learning what destinations you connect |
|
371 |
-to. It doesn't prevent somebody watching your traffic from learning that |
|
372 |
-you're using Tor. You can mitigate (but not fully resolve) the risk |
|
373 |
-by using a <a href="<page docs/bridges>">Tor bridge relay</a> rather than |
|
374 |
-connecting directly to the public Tor network, but ultimately the best |
|
375 |
-protection here is a social approach: the more Tor users there are near |
|
376 |
-you and the more <a href="<page about/torusers>">diverse</a> their interests, |
|
377 |
-the less dangerous it will be that you are one of them. |
|
369 |
+ |
|
370 |
+Tor tries to prevent attackers from learning what destination websites you |
|
371 |
+connect to. However, by default, it does not prevent somebody watching your Internet |
|
372 |
+traffic from learning that you're using Tor. If this matters to you, you can |
|
373 |
+reduce this risk by configuring Tor to use a <a href="<page docs/bridges>">Tor |
|
374 |
+bridge relay</a> rather than connecting directly to the public Tor network. |
|
375 |
+Ultimately the best protection is a social approach: the more Tor |
|
376 |
+users there are near you and the more |
|
377 |
+<a href="<page about/torusers>">diverse</a> their interests, the less |
|
378 |
+dangerous it will be that you are one of them. Convince other people to use |
|
379 |
+Tor, too! |
|
380 |
+ |
|
378 | 381 |
</p> |
379 | 382 |
|
380 | 383 |
</li> |
381 | 384 |