Try to trim and simplify the download warning text.
Mike Perry

Mike Perry commited on 2011-12-24 21:39:54
Zeige 2 geänderte Dateien mit 84 Einfügungen und 74 Löschungen.

... ...
@@ -148,56 +148,61 @@
148 148
 
149 149
 <ol>
150 150
 <li>
151
-Tor only protects Internet applications that are configured to send
152
-their traffic through Tor &mdash; it doesn't magically anonymize all
153
-your traffic just because you install it.  We recommend you use the
154
-<a href="<page projects/torbrowser>">Tor Browser Bundle</a>. It is
155
-pre-configured to protect your privacy and anonymity on the web as long
156
-as you are browsing with Tor Browser.
151
+
152
+Tor only protects Internet applications that are configured to send their
153
+traffic through Tor &mdash; it doesn't magically anonymize all of your traffic
154
+just because you install it. We strongly recommend you use the <a href="<page
155
+projects/torbrowser>">Tor Browser Bundle</a>. It is pre-configured to protect
156
+your privacy and anonymity on the web as long as you're browsing with Tor
157
+Browser itself. Almost any other web browser configuration is likely to be
158
+unsafe. Similarly, we do not recommend installing additional addons into the
159
+Tor Browser, as these may bypass Tor or otherwise impede your anonymity.
160
+
157 161
 </li>
158 162
 
159 163
 <li>
160
-Tor Browser and Torbutton block browser plugins such as Java, Flash,
164
+
165
+The Tor Browser will block browser plugins such as Java, Flash,
161 166
 ActiveX, RealPlayer, Quicktime, Adobe's PDF plugin, and others: they
162 167
 can be manipulated into revealing your IP address. For example, that
163
-means Youtube is disabled. If you really need your Youtube, you can <a
164
-href="<page torbutton/torbutton-faq>#noflash">reconfigure Torbutton</a>
168
+means Youtube is disabled. If you really need your Youtube, you can
169
+<a href="<page torbutton/torbutton-faq>#noflash">reconfigure Torbutton</a>
165 170
 to allow it; but be aware that you're opening yourself up to potential
166
-attack. Also, extensions like Google toolbar look up more information
167
-about the websites you type in: they may bypass Tor and/or broadcast
168
-sensitive information. Some people prefer using two browsers (one for Tor,
169
-one for non-Tor browsing).
170
-</li>
171
+attack.
171 172
 
172
-<li>
173
-Beware of cookies: if you ever browse without Tor and a site gives
174
-you a cookie, that cookie could identify you even when you start
175
-using Tor again. Torbutton tries to handle your cookies safely. <a
176
-href="https://addons.mozilla.org/firefox/82/">CookieCuller</a> can help
177
-protect any cookies you do not want to lose.
178 173
 </li>
179 174
 
180 175
 <li>
181
-Tor anonymizes the origin of your traffic, and it encrypts everything
182
-between you and the Tor network and everything inside the Tor network,
183
-but <a href="<wikifaq>#SoImtotallyanonymousifIuseTor">it
184
-can't encrypt your traffic between the Tor network and its final
185
-destination.</a> If you are communicating sensitive information, you
186
-should use as much care as you would on the normal scary Internet &mdash;
187
-use HTTPS or other end-to-end encryption and authentication.  <a
188
-href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> is a
189
-Firefox extension produced as a collaboration between The Tor Project
190
-and the Electronic Frontier Foundation. It encrypts your communications
191
-with a number of major websites.
176
+
177
+Similarly, the Tor Browser Bundle will warn you before automatically opening
178
+documents that are handled by external applications. <b>DO NOT IGNORE THIS
179
+WARNING</b>. You should be very careful when downloading documents via Tor
180
+(especially DOC and PDF files) as these documents can contain Internet
181
+resources that will be downloaded outside of Tor by the application that
182
+opens them. These documents can be modified by malicious exit nodes, or by
183
+someone who is trying to trick you into revealing your non-Tor IP address. If
184
+you must work with DOC and/or PDF files, we strongly recommend using a
185
+disconnected computer, a <a href="https://www.virtualbox.org/">VirtualBox</a>
186
+free <a href="http://virtualboxes.org/">image</a> with networking disabled, or 
187
+<a href="http://tails.boum.org/">Tails</a>.
188
+
192 189
 </li>
193 190
 
194 191
 <li>
195
-While Tor blocks attackers on your local network from discovering
196
-or influencing your destination, it opens new risks: malicious or
197
-misconfigured Tor exit nodes can send you the wrong page, or even send
198
-you embedded Java applets disguised as domains you trust. Be careful
199
-opening documents or applications you download through Tor, unless you've
200
-verified their integrity.
192
+
193
+Tor anonymizes the origin of your traffic, and it encrypts everything between
194
+you and the Tor network and everything inside the Tor network, but 
195
+<a href="<wikifaq>#SoImtotallyanonymousifIuseTor">it can't encrypt your traffic
196
+between the Tor network and its final destination.</a> To help ensure
197
+privacy for this last leg, the Tor Browser Bundle includes 
198
+<a href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> to encrypt
199
+your communications with a number of major websites, but you should still
200
+watch the browser URL bar to ensure that websites you provide sensitive information
201
+to display a 
202
+<a href="https://support.mozilla.com/en-US/kb/Site%20Identity%20Button">blue or
203
+green validation</a>, include <b>https://</b> in the URL bar, 
204
+and display the proper name for the current website.
205
+
201 206
 </li>
202 207
 
203 208
 <li>
... ...
@@ -286,56 +286,61 @@
286 286
 
287 287
 <ol>
288 288
 <li>
289
-Tor only protects Internet applications that are configured to send
290
-their traffic through Tor &mdash; it doesn't magically anonymize all
291
-your traffic just because you install it.  We recommend you use the
292
-<a href="<page projects/torbrowser>">Tor Browser Bundle</a>. It is
293
-pre-configured to protect your privacy and anonymity on the web as long
294
-as you're browsing with Tor Browser.
289
+
290
+Tor only protects Internet applications that are configured to send their
291
+traffic through Tor &mdash; it doesn't magically anonymize all of your traffic
292
+just because you install it. We strongly recommend you use the <a href="<page
293
+projects/torbrowser>">Tor Browser Bundle</a>. It is pre-configured to protect
294
+your privacy and anonymity on the web as long as you're browsing with Tor
295
+Browser itself. Almost any other web browser configuration is likely to be
296
+unsafe. Similarly, we do not recommend installing additional addons into the
297
+Tor Browser, as these may bypass Tor or otherwise impede your anonymity.
298
+
295 299
 </li>
296 300
 
297 301
 <li>
298
-Tor Browser and Torbutton block browser plugins such as Java, Flash,
302
+
303
+The Tor Browser will block browser plugins such as Java, Flash,
299 304
 ActiveX, RealPlayer, Quicktime, Adobe's PDF plugin, and others: they
300 305
 can be manipulated into revealing your IP address. For example, that
301
-means Youtube is disabled. If you really need your Youtube, you can <a
302
-href="<page torbutton/torbutton-faq>#noflash">reconfigure Torbutton</a>
306
+means Youtube is disabled. If you really need your Youtube, you can
307
+<a href="<page torbutton/torbutton-faq>#noflash">reconfigure Torbutton</a>
303 308
 to allow it; but be aware that you're opening yourself up to potential
304
-attack. Also, extensions like Google toolbar look up more information
305
-about the websites you type in: they may bypass Tor and/or broadcast
306
-sensitive information. Some people prefer using two browsers (one for Tor,
307
-one for non-Tor browsing).
308
-</li>
309
+attack.
309 310
 
310
-<li>
311
-Beware of cookies: if you ever browse without Tor and a site gives
312
-you a cookie, that cookie could identify you even when you start
313
-using Tor again. Torbutton tries to handle your cookies safely. <a
314
-href="https://addons.mozilla.org/firefox/82/">CookieCuller</a> can help
315
-protect any cookies you do not want to lose.
316 311
 </li>
317 312
 
318 313
 <li>
319
-Tor anonymizes the origin of your traffic, and it encrypts everything
320
-between you and the Tor network and everything inside the Tor network,
321
-but <a href="<wikifaq>#SoImtotallyanonymousifIuseTor">it
322
-can't encrypt your traffic between the Tor network and its final
323
-destination.</a> If you are communicating sensitive information, you
324
-should use as much care as you would on the normal scary Internet &mdash;
325
-use HTTPS or other end-to-end encryption and authentication.  <a
326
-href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> is a
327
-Firefox extension produced as a collaboration between The Tor Project
328
-and the Electronic Frontier Foundation. It encrypts your communications
329
-with a number of major websites.
314
+
315
+Similarly, the Tor Browser Bundle will warn you before automatically opening
316
+documents that are handled by external applications. <b>DO NOT IGNORE THIS
317
+WARNING</b>. You should be very careful when downloading documents via Tor
318
+(especially DOC and PDF files) as these documents can contain Internet
319
+resources that will be downloaded outside of Tor by the application that
320
+opens them. These documents can be modified by malicious exit nodes, or by
321
+someone who is trying to trick you into revealing your non-Tor IP address. If
322
+you must work with DOC and/or PDF files, we strongly recommend using a
323
+disconnected computer, a <a href="https://www.virtualbox.org/">VirtualBox</a>
324
+free <a href="http://virtualboxes.org/">image</a> with networking disabled, or 
325
+<a href="http://tails.boum.org/">Tails</a>.
326
+
330 327
 </li>
331 328
 
332 329
 <li>
333
-While Tor blocks attackers on your local network from discovering
334
-or influencing your destination, it opens new risks: malicious or
335
-misconfigured Tor exit nodes can send you the wrong page, or even send
336
-you embedded Java applets disguised as domains you trust. Be careful
337
-opening documents or applications you download through Tor, unless you've
338
-verified their integrity.
330
+
331
+Tor anonymizes the origin of your traffic, and it encrypts everything between
332
+you and the Tor network and everything inside the Tor network, but 
333
+<a href="<wikifaq>#SoImtotallyanonymousifIuseTor">it can't encrypt your traffic
334
+between the Tor network and its final destination.</a> To help ensure
335
+privacy for this last leg, the Tor Browser Bundle includes 
336
+<a href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> to encrypt
337
+your communications with a number of major websites, but you should still
338
+watch the browser URL bar to ensure that websites you provide sensitive information
339
+to display a 
340
+<a href="https://support.mozilla.com/en-US/kb/Site%20Identity%20Button">blue or
341
+green validation</a>, include <b>https://</b> in the URL bar, 
342
+and display the proper name for the current website.
343
+
339 344
 </li>
340 345
 
341 346
 <li>
342 347