From: AndersonIsaac Date: Mon, 14 Dec 2020 22:13:48 +0000 (+0200) Subject: Revert "ua: Initial commit. Copied ua/ from en/. A few changes to the esd-ua.po.... X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=a0d24af7ccc8012b9292bdd6605f70d93cc293be;p=enc.git Revert "ua: Initial commit. Copied ua/ from en/. A few changes to the esd-ua.po. Getting the hang of the workflow." This reverts commit 5ec82b3fe2a7bd9aad702bf2e540c6da432a5be0. --- diff --git a/esd-ua.po b/esd-ua.po deleted file mode 100644 index 5328b5a1..00000000 --- a/esd-ua.po +++ /dev/null @@ -1,3704 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Free Software Foundation, Inc. -# This file is distributed under the same license as the PACKAGE package. -# FIRST AUTHOR , YEAR. -# -msgid "" -msgstr "" -"Project-Id-Version: emailselfdefense 4.0\n" -"POT-Creation-Date: 2020-06-25 17:51+0200\n" -"PO-Revision-Date: 2020-12-14 23:22+0200\n" -"Last-Translator: Andrew V. Isakov \n" -"Language-Team: \n" -"Language: ua\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" - -#. type: Attribute 'lang' of: -msgid "en" -msgstr "en" - -#. type: Attribute 'content' of: -msgid "text/html; charset=utf-8" -msgstr "text/html; charset=utf-8" - -#. type: Content of: -msgid "Email Self-Defense - a guide to fighting surveillance with GnuPG encryption" -msgstr "E-mail самозахист - довідник боротьби проти налгяду з допомогою GnuPG шифрування" - -#. type: Attribute 'content' of: <html><head><meta> -msgid "GnuPG, GPG, openpgp, surveillance, privacy, email, Enigmail" -msgstr "" - -# може краще "свободу самовираження"? -#. type: Attribute 'content' of: <html><head><meta> -msgid "" -"Email surveillance violates our fundamental rights and makes free speech " -"risky. This guide will teach you email self-defense in 40 minutes with " -"GnuPG." -msgstr "E-mail нагляд порушує наші найфундаментальніші права та робить свободу слова ризикованою. Цей довідник навчить вас e-mail самозахисту всього за 40 хвилин з GnuPG." - -#. type: Attribute 'content' of: <html><head><meta> -msgid "width=device-width, initial-scale=1" -msgstr "width=device-width, initial-scale=1" - -#. type: Content of: <html><body><header><div><p> -msgid "" -"<strong>Please check your email for a confirmation link now. Thanks for " -"joining our list!</strong>" -msgstr "<strong>Будь ласка перевірте чи прийшло на вашу електронну пошту посилання з підтвердженням. Щиро дякуємо, що долучаєтесь до розсилки!</strong>" - -#. type: Content of: <html><body><header><div><p> -msgid "" -"If you don't receive the confirmation link, send us an email at info@fsf.org " -"to be added manually." -msgstr "Якщо ви не отримаєте посилання з підтвердженням, надішліть нам листа на info@fsf.org аби ми вас додали вручну." - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Try it out." -msgstr "Спробуйте." - -#. type: Content of: <html><body><header><div><p> -msgid "Join us on microblogging services for day-to-day updates:" -msgstr "Приєднуйтесь до нас на сервісах мікроблоггінгу для щоденних оновлень:" - -#. type: Content of: <html><body><section><div><div><div><p><a> -msgid "<a href=\"https://status.fsf.org/fsf\">" -msgstr "<a href=\"https://status.fsf.org/fsf\">" - -#. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> -msgid "[GNU Social]" -msgstr "[GNU Social]" - -#. type: Content of: <html><body><section><div><div><div><p><a> -msgid " GNU Social</a>  |  <a href=\"https://hostux.social/@fsf\">" -msgstr " GNU Social</a>  |  <a href=\"https://hostux.social/@fsf\">" - -#. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> -msgid "[Mastodon]" -msgstr "[Mastodon]" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -" Mastodon</a>  |  <a " -"href=\"https://www.twitter.com/fsf\">Twitter</a>" -msgstr " Mastodon</a>  |  <a href=\"https://www.twitter.com/fsf\">Twitter</a>" - -#. type: Content of: <html><body><header><div><p> -msgid "" -"<small><a href=\"https://www.fsf.org/twitter\">Read why GNU Social and " -"Mastodon are better than Twitter.</a></small>" -msgstr "<small><a href=\"https://www.fsf.org/twitter\">Читайте чому GNU Social and Mastodon кращі за Twitter.</a></small>" - -#. type: Content of: <html><body><header><div><p> -msgid "← Return to <a href=\"index.html\">Email Self-Defense</a>" -msgstr "← Повернутися на <a href=\"index.html\">E-mail самозахист</a>" - -#. type: Content of: <html><body><footer><div><div><h4><a> -msgid "<a href=\"https://u.fsf.org/ys\">" -msgstr "<a href=\"https://u.fsf.org/ys\">" - -#. type: Attribute 'alt' of: <html><body><footer><div><div><h4><a><img> -msgid "Free Software Foundation" -msgstr "Free Software Foundation" - -#. type: Content of: <html><body><footer><div><p> -msgid "</a>" -msgstr "</a>" - -#. type: Content of: <html><body><footer><div><div><p> -msgid "" -"Copyright © 2014-2016 <a href=\"https://u.fsf.org/ys\">Free Software " -"Foundation</a>, Inc. <a " -"href=\"https://my.fsf.org/donate/privacypolicy.html\">Privacy " -"Policy</a>. Please support our work by <a " -"href=\"https://u.fsf.org/yr\">joining us as an associate member.</a>" -msgstr "Copyright © 2014-2016 <a href=\"https://u.fsf.org/ys\">Free Software Foundation</a>, Inc. <a href=\"https://my.fsf.org/donate/privacypolicy.html\">Політика конфіденційності</a>. Будь ласка підтримайте нашу роботу, <a href=\"https://u.fsf.org/yr\">долучаючись до нас як асоційований партнер.</a>" - -#. type: Content of: <html><body><footer><div><div><p> -msgid "" -"The images on this page are under a <a " -"href=\"https://creativecommons.org/licenses/by/4.0/\">Creative Commons " -"Attribution 4.0 license (or later version)</a>, and the rest of it is under " -"a <a href=\"https://creativecommons.org/licenses/by-sa/4.0\">Creative " -"Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download " -"the <a " -"href=\"http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz\"> " -"source code of Edward reply bot</a> by Andrew Engelbrecht " -"<andrew@engelbrecht.io> and Josh Drake <zamnedix@gnu.org>, " -"available under the GNU Affero General Public License. <a " -"href=\"http://www.gnu.org/licenses/license-list.html#OtherLicenses\">Why " -"these licenses?</a>" -msgstr "Зображення на цій сторінці ліцензуються <a href=\"https://creativecommons.org/licenses/by/4.0/\">Creative Commons Attribution 4.0 ліцензією (чи пізнішою версією)</a>, всі інші елементи ліцензуються <a href=\"https://creativecommons.org/licenses/by-sa/4.0\">Creative Commons Attribution-ShareAlike 4.0 ліцензією (чи пізнішою версією)</a>. Завантажити <a href=\"http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz\"> вихідний код Едварда, бота-відповідача,</a> створеного Андрієм Енгельбрехтом (Andrew Engelbrecht) <andrew@engelbrecht.io> та Джошем Дрейком (Josh Drake) <zamnedix@gnu.org>, доступним за ліцензією GNU Affero General Public License. <a href=\"http://www.gnu.org/licenses/license-list.html#OtherLicenses\">Чому ці ліцензії?</a>" - -#. type: Content of: <html><body><footer><div><div><p> -msgid "" -"Fonts used in the guide & infographic: <a " -"href=\"https://www.google.com/fonts/specimen/Dosis\">Dosis</a> by Pablo " -"Impallari, <a " -"href=\"http://www.google.com/fonts/specimen/Signika\">Signika</a> by Anna " -"Giedryś, <a " -"href=\"http://www.google.com/fonts/specimen/Archivo+Narrow\">Archivo " -"Narrow</a> by Omnibus-Type, <a " -"href=\"https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls\">PXL-2000</a> " -"by Florian Cramer." -msgstr "Шрифти використані в цьому довіднику & інфографіка: <a href=\"https://www.google.com/fonts/specimen/Dosis\">Dosis</a> by Pablo Impallari, <a href=\"http://www.google.com/fonts/specimen/Signika\">Signika</a> by Anna Giedryś, <a href=\"http://www.google.com/fonts/specimen/Archivo+Narrow\">Archivo Narrow</a> by Omnibus-Type, <a href=\"https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls\">PXL-2000</a> by Florian Cramer." - -#. type: Content of: <html><body><footer><div><div><p> -msgid "" -"Download the <a href=\"emailselfdefense_source.zip\">source package</a> for " -"this guide, including fonts, image source files and the text of Edward's " -"messages." -msgstr "Завантажити <a href=\"emailselfdefense_source.zip\">архів з вихідним кодом</a> для цього довідника, включно з шрифтами, вихідними зображеннями та текстом повідомлень Едварда." - -#. type: Content of: <html><body><footer><div><div><p> -msgid "" -"This site uses the Weblabels standard for labeling <a " -"href=\"https://www.fsf.org/campaigns/freejs\">free JavaScript</a>. View the " -"JavaScript <a href=\"//weblabels.fsf.org/emailselfdefense.fsf.org/\" " -"rel=\"jslicense\">source code and license information</a>." -msgstr "Цей сайт використовує Weblabels стандарт для маркування <a href=\"https://www.fsf.org/campaigns/freejs\">вільного JavaScript</a>. Переглянути вихідний код та інформацію про ліцензування <a href=\"//weblabels.fsf.org/emailselfdefense.fsf.org/\" rel=\"jslicense\">JavaScript</a>." - -#. type: Content of: <html><body><footer><div><p><a> -msgid "" -"Infographic and guide design by <a rel=\"external\" " -"href=\"http://jplusplus.org\"><strong>Journalism++</strong>" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><footer><div><p><a><img> -msgid "Journalism++" -msgstr "" - -#. type: Content of: <html><body><header><div><h1> -msgid "Email Self-Defense" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a class=\"current\" href=\"/en\">English - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ar\">العربية <span class=\"tip\">tip</span></a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/cs\">čeÅ¡tina - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/de\">Deutsch - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/el\">ελληνικά - v3.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/es\">español - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/fa\">فارسی - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/fr\">français - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/it\">italiano - v3.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ja\">日本語 - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ko\">한국어 <span class=\"tip\">tip</span></a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ml\">മലയാളം <span class=\"tip\">tip</span></a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/pt-br\">português do Brasil - v3.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ro\">română - v3.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ru\">русский - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/sq\">Shqip - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/sv\">svenska - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/tr\">Türkçe - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/zh-hans\">简体中文 - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "" -"<a href=\"https://libreplanet.org/wiki/GPG_guide/Translation_Guide\"> " -"<strong><span style=\"color: #2F5FAA;\">Translate!</span></strong></a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"index.html\" class=\"current\">GNU/Linux</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"mac.html\">Mac OS</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"windows.html\">Windows</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"workshops.html\">Teach your friends</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li><a> -msgid "" -"<a href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Email " -"encryption for everyone via %40fsf\"> Share " -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li><a> -msgid " " -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> -msgid "[Reddit]" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> -msgid "[Hacker News]" -msgstr "" - -#. type: Content of: <html><body><header><div><div><h3><a> -msgid "<a href=\"http://u.fsf.org/ys\">" -msgstr "" - -#. type: Content of: <html><body><header><div><div><div><p> -msgid "" -"We fight for computer users' rights, and promote the development of free (as " -"in freedom) software. Resisting bulk surveillance is very important to us." -msgstr "" - -#. type: Content of: <html><body><header><div><div><div><p> -msgid "" -"<strong>Please donate to support Email Self-Defense. We need to keep " -"improving it, and making more materials, for the benefit of people around " -"the world taking the first step towards protecting their privacy.</strong>" -msgstr "" - -#. type: Content of: <html><body><header><div><div><p><a> -msgid "" -"<a " -"href=\"https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate\">" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img> -msgid "Donate" -msgstr "" - -#. type: Content of: <html><body><header><div><div><p><a> -msgid "<a id=\"infographic\" href=\"infographic.html\">" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img> -msgid "View & share our infographic →" -msgstr "" - -#. type: Content of: <html><body><header><div><div><p> -msgid "" -"</a> Bulk surveillance violates our fundamental rights and makes free speech " -"risky. This guide will teach you a basic surveillance self-defense skill: " -"email encryption. Once you've finished, you'll be able to send and receive " -"emails that are scrambled to make sure a surveillance agent or thief " -"intercepting your email can't read them. All you need is a computer with an " -"Internet connection, an email account, and about forty minutes." -msgstr "" - -#. type: Content of: <html><body><header><div><div><p> -msgid "" -"Even if you have nothing to hide, using encryption helps protect the privacy " -"of people you communicate with, and makes life difficult for bulk " -"surveillance systems. If you do have something important to hide, you're in " -"good company; these are the same tools that whistleblowers use to protect " -"their identities while shining light on human rights abuses, corruption and " -"other crimes." -msgstr "" - -#. type: Content of: <html><body><header><div><div><p> -msgid "" -"In addition to using encryption, standing up to surveillance requires " -"fighting politically for a <a " -"href=\"http://gnu.org/philosophy/surveillance-vs-democracy.html\">reduction " -"in the amount of data collected on us</a>, but the essential first step is " -"to protect yourself and make surveillance of your communication as difficult " -"as possible. This guide helps you do that. It is designed for beginners, but " -"if you already know the basics of GnuPG or are an experienced free software " -"user, you'll enjoy the advanced tips and the <a " -"href=\"workshops.html\">guide to teaching your friends</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#1</em> Get the pieces" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"This guide relies on software which is <a " -"href=\"https://www.gnu.org/philosophy/free-sw.html\">freely licensed</a>; " -"it's completely transparent and anyone can copy it or make their own " -"version. This makes it safer from surveillance than proprietary software " -"(like Windows). Learn more about free software at <a " -"href=\"https://u.fsf.org/ys\">fsf.org</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Most GNU/Linux operating systems come with GnuPG installed on them, so you " -"don't have to download it. Before configuring GnuPG though, you'll need the " -"IceDove desktop email program installed on your computer. Most GNU/Linux " -"distributions have IceDove installed already, though it may be under the " -"alternate name \"Thunderbird.\" Email programs are another way to access the " -"same email accounts you can access in a browser (like Gmail), but provide " -"extra features." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"If you already have an email program, you can skip to <a " -"href=\"#step-1b\">Step 1.b</a>." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Step 1.A: Install Wizard" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 1.a</em> Set up your email program with your email account" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Open your email program and follow the wizard (step-by-step walkthrough) " -"that sets it up with your email account." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Look for the letters SSL, TLS, or STARTTLS to the right of the servers when " -"you're setting up your account. If you don't see them, you will still be " -"able to use encryption, but this means that the people running your email " -"system are running behind the industry standard in protecting your security " -"and privacy. We recommend that you send them a friendly email asking them to " -"enable SSL, TLS, or STARTTLS for your email server. They will know what " -"you're talking about, so it's worth making the request even if you aren't an " -"expert on these security systems." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><h4> -msgid "Troubleshooting" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "The wizard doesn't launch" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"You can launch the wizard yourself, but the menu option for doing so is " -"named differently in each email program. The button to launch it will be in " -"the program's main menu, under \"New\" or something similar, titled " -"something like \"Add account\" or \"New/Existing email account.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "The wizard can't find my account or isn't downloading my mail" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Before searching the Web, we recommend you start by asking other people who " -"use your email system, to figure out the correct settings." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Don't see a solution to your problem?" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Please let us know on the <a " -"href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">feedback " -"page</a>." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.B: Tools -> Add-ons" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.B: Search Add-ons" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.B: Install Add-ons" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 1.b</em> Install the Enigmail plugin for your email program" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"In your email program's menu, select Add-ons (it may be in the Tools " -"section). Make sure Extensions is selected on the left. Do you see Enigmail? " -"Make sure it's the latest version. If so, skip this step." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If not, search \"Enigmail\" with the search bar in the upper right. You can " -"take it from here. Restart your email program when you're done." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"There are major security flaws in versions of GnuPG prior to 2.2.8, and " -"Enigmail prior to 2.0.7. Make sure you have GnuPG 2.2.8 and Enigmail 2.0.7, " -"or later versions." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "I can't find the menu." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"In many new email programs, the main menu is represented by an image of " -"three stacked horizontal bars." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "My email looks weird" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Enigmail doesn't tend to play nice with HTML, which is used to format " -"emails, so it may disable your HTML formatting automatically. To send an " -"HTML-formatted email without encryption or a signature, hold down the Shift " -"key when you select compose. You can then write an email as if Enigmail " -"wasn't there." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#2</em> Make your keys" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"To use the GnuPG system, you'll need a public key and a private key (known " -"together as a keypair). Each is a long string of randomly generated numbers " -"and letters that are unique to you. Your public and private keys are linked " -"together by a special mathematical function." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Your public key isn't like a physical key, because it's stored in the open " -"in an online directory called a keyserver. People download it and use it, " -"along with GnuPG, to encrypt emails they send to you. You can think of the " -"keyserver as a phonebook; people who want to send you encrypted email can " -"look up your public key." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Your private key is more like a physical key, because you keep it to " -"yourself (on your computer). You use GnuPG and your private key together to " -"descramble encrypted emails other people send to you. <span " -"style=\"font-weight: bold;\">You should never share your private key with " -"anyone, under any circumstances.</span>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"In addition to encryption and decryption, you can also use these keys to " -"sign messages and check the authenticity of other people's signatures. We'll " -"discuss this more in the next section." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Step 2.A: Make a Keypair" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 2.a</em> Make a keypair" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"The Enigmail Setup wizard may start automatically. If it doesn't, select " -"Enigmail → Setup Wizard from your email program's menu. You don't need " -"to read the text in the window that pops up unless you'd like to, but it's " -"good to read the text on the later screens of the wizard. Click Next with " -"the default options selected, except in these instances, which are listed in " -"the order they appear:" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"On the screen titled \"Encryption,\" select \"Encrypt all of my messages by " -"default, because privacy is critical to me.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"On the screen titled \"Signing,\" select \"Don't sign my messages by " -"default.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"On the screen titled \"Key Selection,\" select \"I want to create a new key " -"pair for signing and encrypting my email.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"On the screen titled \"Create Key,\" pick a strong password! You can do it " -"manually, or you can use the Diceware method. Doing it manually is faster " -"but not as secure. Using Diceware takes longer and requires dice, but " -"creates a password that is much harder for attackers to figure out. To use " -"it, read the section \"Make a secure passphrase with Diceware\" in <a " -"href=\"https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/\"> " -"this article</a> by Micah Lee." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If you'd like to pick a password manually, come up with something you can " -"remember which is at least twelve characters long, and includes at least one " -"lower case and upper case letter and at least one number or punctuation " -"symbol. Never pick a password you've used elsewhere. Don't use any " -"recognizable patterns, such as birthdays, telephone numbers, pets' names, " -"song lyrics, quotes from books, and so on." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"The program will take a little while to finish the next step, the \"Key " -"Creation\" screen. While you wait, do something else with your computer, " -"like watching a movie or browsing the Web. The more you use the computer at " -"this point, the faster the key creation will go." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"<span style=\"font-weight: bold;\">When the \"Key Generation Completed\" " -"screen pops up, select Generate Certificate and choose to save it in a safe " -"place on your computer (we recommend making a folder called \"Revocation " -"Certificate\" in your home folder and keeping it there). This step is " -"essential for your email self-defense, as you'll learn more about in <a " -"href=\"#section5\">Section 5</a>.</span>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "I can't find the Enigmail menu." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"In many new email programs, the main menu is represented by an image of " -"three stacked horizontal bars. Enigmail may be inside a section called " -"Tools." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "The wizard says that it cannot find GnuPG." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Open whatever program you usually use for installing software, and search " -"for GnuPG, then install it. Then restart the Enigmail setup wizard by going " -"to Enigmail → Setup Wizard." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "More resources" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"If you're having trouble with our instructions or just want to learn more, " -"check out <a " -"href=\"https://www.enigmail.net/documentation/Key_Management#Generating_your_own_key_pair\"> " -"Enigmail's wiki instructions for key generation</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><h4> -msgid "Advanced" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Command line key generation" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"If you prefer using the command line for a higher degree of control, you can " -"follow the documentation from <a " -"href=\"https://www.gnupg.org/gph/en/manual/c14.html#AEN25\">The GNU Privacy " -"Handbook</a>. Make sure you stick with \"RSA and RSA\" (the default), " -"because it's newer and more secure than the algorithms the documentation " -"recommends. Also make sure your key is at least 2048 bits, or 4096 if you " -"want to be extra secure." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Advanced key pairs" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"When GnuPG creates a new keypair, it compartmentalizes the encryption " -"function from the signing function through <a " -"href=\"https://wiki.debian.org/Subkeys\">subkeys</a>. If you use subkeys " -"carefully, you can keep your GnuPG identity much more secure and recover " -"from a compromised key much more quickly. <a " -"href=\"https://alexcabal.com/creating-the-perfect-gpg-keypair/\">Alex " -"Cabal</a> and <a href=\"http://keyring.debian.org/creating-key.html\">the " -"Debian wiki</a> provide good guides for setting up a secure subkey " -"configuration." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 2.b</em> Upload your public key to a keyserver" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "In your email program's menu, select Enigmail → Key Management." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Right click on your key and select Upload Public Keys to Keyserver. You " -"don't have to use the default keyserver. If, after research, you would like " -"to change to a different default keyserver, you can change that setting " -"manually in the Enigmail preferences." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Now someone who wants to send you an encrypted message can download your " -"public key from the Internet. There are multiple keyservers that you can " -"select from the menu when you upload, but they are all copies of each other, " -"so it doesn't matter which one you use. However, it sometimes takes a few " -"hours for them to match each other when a new key is uploaded." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "The progress bar never finishes" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Close the upload popup, make sure you are connected to the Internet, and try " -"again. If that doesn't work, try again, selecting a different keyserver." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "My key doesn't appear in the list" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "Try checking \"Display All Keys by Default.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "More documentation" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"If you're having trouble with our instructions or just want to learn more, " -"check out <a " -"href=\"https://www.enigmail.net/documentation/Key_Management#Distributing_your_public_key\"> " -"Enigmail's documentation</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Uploading a key from the command line" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"You can also upload your keys to a keyserver through the <a " -"href=\"https://www.gnupg.org/gph/en/manual/x457.html\">command line</a>. <a " -"href=\"https://sks-keyservers.net/overview-of-pools.php\">The sks Web " -"site</a> maintains a list of highly interconnected keyservers. You can also " -"<a href=\"https://www.gnupg.org/gph/en/manual/x56.html#AEN64\">directly " -"export your key</a> as a file on your computer." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "GnuPG, OpenPGP, what?" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP are " -"used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the " -"encryption standard, and GNU Privacy Guard (often shortened to GPG or GnuPG) " -"is the program that implements the standard. Enigmail is a plug-in program " -"for your email program that provides an interface for GnuPG." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#3</em> Try it out!" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Now you'll try a test correspondence with a computer program named Edward, " -"who knows how to use encryption. Except where noted, these are the same " -"steps you'd follow when corresponding with a real, live person." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 3.a</em> Send Edward your public key" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"This is a special step that you won't have to do when corresponding with " -"real people. In your email program's menu, go to Enigmail → Key " -"Management. You should see your key in the list that pops up. Right click on " -"your key and select Send Public Keys by Email. This will create a new draft " -"message, as if you had just hit the Write button." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Address the message to <a " -"href=\"mailto:edward-en@fsf.org\">edward-en@fsf.org</a>. Put at least one " -"word (whatever you want) in the subject and body of the email. Don't send " -"yet." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"The lock icon in the top left should be yellow, meaning encryption is turned " -"on. We want this first special message to be unencrypted, so click the icon " -"once to turn it off. The lock should become grey, with a blue dot on it (to " -"alert you that the setting has been changed from the default). Once " -"encryption is off, hit Send." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"It may take two or three minutes for Edward to respond. In the meantime, you " -"might want to skip ahead and check out the <a href=\"#section5\">Use it " -"Well</a> section of this guide. Once he's responded, head to the next " -"step. From here on, you'll be doing just the same thing as when " -"corresponding with a real person." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"When you open Edward's reply, GnuPG may prompt you for your password before " -"using your private key to decrypt it." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 3.b</em> Send a test encrypted email" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Write a new email in your email program, addressed to <a " -"href=\"mailto:edward-en@fsf.org\">edward-en@fsf.org</a>. Make the subject " -"\"Encryption test\" or something similar and write something in the body." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"The lock icon in the top left of the window should be yellow, meaning " -"encryption is on. This will be your default from now on." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Next to the lock, you'll notice an icon of a pencil. We'll get to this in a " -"moment." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Click Send. Enigmail will pop up a window that says \"Recipients not valid, " -"not trusted or not found.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"To encrypt an email to Edward, you need his public key, so now you'll have " -"Enigmail download it from a keyserver. Click Download Missing Keys and use " -"the default in the pop-up that asks you to choose a keyserver. Once it finds " -"keys, check the first one (Key ID starting with C), then select ok. Select " -"ok in the next pop-up." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Now you are back at the \"Recipients not valid, not trusted or not found\" " -"screen. Check the box in front of Edward's key and click Send." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Since you encrypted this email with Edward's public key, Edward's private " -"key is required to decrypt it. Edward is the only one with his private key, " -"so no one except him can decrypt it." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Enigmail can't find Edward's key" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Close the pop-ups that have appeared since you clicked Send. Make sure you " -"are connected to the Internet and try again. If that doesn't work, repeat " -"the process, choosing a different keyserver when it asks you to pick one." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Unscrambled messages in the Sent folder" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Even though you can't decrypt messages encrypted to someone else's key, your " -"email program will automatically save a copy encrypted to your public key, " -"which you'll be able to view from the Sent folder like a normal email. This " -"is normal, and it doesn't mean that your email was not sent encrypted." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"If you're still having trouble with our instructions or just want to learn " -"more, check out <a " -"href=\"https://www.enigmail.net/documentation/Signature_and_Encryption#Encrypting_a_message\"> " -"Enigmail's wiki</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Encrypt messages from the command line" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"You can also encrypt and decrypt messages and files from the <a " -"href=\"https://www.gnupg.org/gph/en/manual/x110.html\">command line</a>, if " -"that's your preference. The option --armor makes the encrypted output appear " -"in the regular character set." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Important:</em> Security tips" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Even if you encrypt your email, the subject line is not encrypted, so don't " -"put private information there. The sending and receiving addresses aren't " -"encrypted either, so a surveillance system can still figure out who you're " -"communicating with. Also, surveillance agents will know that you're using " -"GnuPG, even if they can't figure out what you're saying. When you send " -"attachments, Enigmail will give you the choice to encrypt them or not, " -"independent of the actual email." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"For greater security against potential attacks, you can turn off " -"HTML. Instead, you can render the message body as plain text. In order to do " -"this in Thunderbird, go to View > Message Body As > Plain Text." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 3.c</em> Receive a response" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"When Edward receives your email, he will use his private key to decrypt it, " -"then reply to you." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"It may take two or three minutes for Edward to respond. In the meantime, you " -"might want to skip ahead and check out the <a href=\"#section5\">Use it " -"Well</a> section of this guide." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 3.d</em> Send a test signed email" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"GnuPG includes a way for you to sign messages and files, verifying that they " -"came from you and that they weren't tampered with along the way. These " -"signatures are stronger than their pen-and-paper cousins -- they're " -"impossible to forge, because they're impossible to create without your " -"private key (another reason to keep your private key safe)." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"You can sign messages to anyone, so it's a great way to make people aware " -"that you use GnuPG and that they can communicate with you securely. If they " -"don't have GnuPG, they will be able to read your message and see your " -"signature. If they do have GnuPG, they'll also be able to verify that your " -"signature is authentic." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"To sign an email to Edward, compose any message to him and click the pencil " -"icon next to the lock icon so that it turns gold. If you sign a message, " -"GnuPG may ask you for your password before it sends the message, because it " -"needs to unlock your private key for signing." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"With the lock and pencil icons, you can choose whether each message will be " -"encrypted, signed, both, or neither." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 3.e</em> Receive a response" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"When Edward receives your email, he will use your public key (which you sent " -"him in <a href=\"#step-3a\">Step 3.A</a>) to verify the message you sent has " -"not been tampered with and to encrypt his reply to you." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Edward's reply will arrive encrypted, because he prefers to use encryption " -"whenever possible. If everything goes according to plan, it should say " -"\"Your signature was verified.\" If your test signed email was also " -"encrypted, he will mention that first." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"When you receive Edward's email and open it, Enigmail will automatically " -"detect that it is encrypted with your public key, and then it will use your " -"private key to decrypt it." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Notice the bar that Enigmail shows you above the message, with information " -"about the status of Edward's key." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#4</em> Learn the Web of Trust" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Email encryption is a powerful technology, but it has a weakness; it " -"requires a way to verify that a person's public key is actually " -"theirs. Otherwise, there would be no way to stop an attacker from making an " -"email address with your friend's name, creating keys to go with it and " -"impersonating your friend. That's why the free software programmers that " -"developed email encryption created keysigning and the Web of Trust." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"When you sign someone's key, you are publicly saying that you've verified " -"that it belongs to them and not someone else." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Signing keys and signing messages use the same type of mathematical " -"operation, but they carry very different implications. It's a good practice " -"to generally sign your email, but if you casually sign people's keys, you " -"may accidently end up vouching for the identity of an imposter." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"People who use your public key can see who has signed it. Once you've used " -"GnuPG for a long time, your key may have hundreds of signatures. You can " -"consider a key to be more trustworthy if it has many signatures from people " -"that you trust. The Web of Trust is a constellation of GnuPG users, " -"connected to each other by chains of trust expressed through signatures." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Section 4: Web of Trust" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 4.a</em> Sign a key" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "In your email program's menu, go to Enigmail → Key Management." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Right click on Edward's public key and select Sign Key from the context " -"menu." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "In the window that pops up, select \"I will not answer\" and click ok." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Now you should be back at the Key Management menu. Select Keyserver → " -"Upload Public Keys and hit ok." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"You've just effectively said \"I trust that Edward's public key actually " -"belongs to Edward.\" This doesn't mean much because Edward isn't a real " -"person, but it's good practice." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Identifying keys: Fingerprints and IDs" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"People's public keys are usually identified by their key fingerprint, which " -"is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8 (for " -"Edward's key). You can see the fingerprint for your public key, and other " -"public keys saved on your computer, by going to Enigmail → Key " -"Management in your email program's menu, then right clicking on the key and " -"choosing Key Properties. It's good practice to share your fingerprint " -"wherever you share your email address, so that people can double-check that " -"they have the correct public key when they download yours from a keyserver." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"You may also see public keys referred to by a shorter key ID. This key ID is " -"visible directly from the Key Management window. These eight character key " -"IDs were previously used for identification, which used to be safe, but is " -"no longer reliable. You need to check the full fingerprint as part of " -"verifying you have the correct key for the person you are trying to " -"contact. Spoofing, in which someone intentionally generates a key with a " -"fingerprint whose final eight characters are the same as another, is " -"unfortunately common." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Important:</em> What to consider when signing keys" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Before signing a person's key, you need to be confident that it actually " -"belongs to them, and that they are who they say they are. Ideally, this " -"confidence comes from having interactions and conversations with them over " -"time, and witnessing interactions between them and others. Whenever signing " -"a key, ask to see the full public key fingerprint, and not just the shorter " -"key ID. If you feel it's important to sign the key of someone you've just " -"met, also ask them to show you their government identification, and make " -"sure the name on the ID matches the name on the public key. In Enigmail, " -"answer honestly in the window that pops up and asks \"How carefully have you " -"verified that the key you are about to sign actually belongs to the " -"person(s) named above?\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Master the Web of Trust" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Unfortunately, trust does not spread between users the way <a " -"href=\"http://fennetic.net/irc/finney.org/~hal/web_of_trust.html\">many " -"people think</a>. One of best ways to strengthen the GnuPG community is to " -"deeply <a " -"href=\"https://www.gnupg.org/gph/en/manual/x334.html\">understand</a> the " -"Web of Trust and to carefully sign as many people's keys as circumstances " -"permit." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Set ownertrust" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"If you trust someone enough to validate other people's keys, you can assign " -"them an ownertrust level through Enigmails's key management window. Right " -"click on the other person's key, go to the \"Select Owner Trust\" menu " -"option, select the trustlevel and click OK. Only do this once you feel you " -"have a deep understanding of the Web of Trust." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#5</em> Use it well" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Everyone uses GnuPG a little differently, but it's important to follow some " -"basic practices to keep your email secure. Not following them, you risk the " -"privacy of the people you communicate with, as well as your own, and damage " -"the Web of Trust." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Section 5: Use it Well (1)" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "When should I encrypt? When should I sign?" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"The more you can encrypt your messages, the better. If you only encrypt " -"emails occasionally, each encrypted message could raise a red flag for " -"surveillance systems. If all or most of your email is encrypted, people " -"doing surveillance won't know where to start. That's not to say that only " -"encrypting some of your email isn't helpful -- it's a great start and it " -"makes bulk surveillance more difficult." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Unless you don't want to reveal your own identity (which requires other " -"protective measures), there's no reason not to sign every message, whether " -"or not you are encrypting. In addition to allowing those with GnuPG to " -"verify that the message came from you, signing is a non-intrusive way to " -"remind everyone that you use GnuPG and show support for secure " -"communication. If you often send signed messages to people that aren't " -"familiar with GnuPG, it's nice to also include a link to this guide in your " -"standard email signature (the text kind, not the cryptographic kind)." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Section 5: Use it Well (2)" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Be wary of invalid keys" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"GnuPG makes email safer, but it's still important to watch out for invalid " -"keys, which might have fallen into the wrong hands. Email encrypted with " -"invalid keys might be readable by surveillance programs." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"In your email program, go back to the first encrypted email that Edward sent " -"you. Because Edward encrypted it with your public key, it will have a " -"message from Enigmail at the top, which most likely says \"Enigmail: Part of " -"this message encrypted.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"<b>When using GnuPG, make a habit of glancing at that bar. The program will " -"warn you there if you get an email signed with a key that can't be " -"trusted.</b>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Copy your revocation certificate to somewhere safe" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Remember when you created your keys and saved the revocation certificate " -"that GnuPG made? It's time to copy that certificate onto the safest digital " -"storage that you have -- the ideal thing is a flash drive, disk, or hard " -"drive stored in a safe place in your home, not on a device you carry with " -"you regularly." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If your private key ever gets lost or stolen, you'll need this certificate " -"file to let people know that you are no longer using that keypair." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Important:</em> act swiftly if someone gets your private key" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If you lose your private key or someone else gets ahold of it (say, by " -"stealing or cracking your computer), it's important to revoke it immediately " -"before someone else uses it to read your encrypted email or forge your " -"signature. This guide doesn't cover how to revoke a key, but you can follow " -"these <a " -"href=\"https://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/\">instructions</a>. " -"After you're done revoking, make a new key and send an email to everyone " -"with whom you usually use your key to make sure they know, including a copy " -"of your new key." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Webmail and GnuPG" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"When you use a web browser to access your email, you're using webmail, an " -"email program stored on a distant website. Unlike webmail, your desktop " -"email program runs on your own computer. Although webmail can't decrypt " -"encrypted email, it will still display it in its encrypted form. If you " -"primarily use webmail, you'll know to open your email client when you " -"receive a scrambled email." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<a href=\"next_steps.html\">Great job! Check out the next steps.</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><p> -msgid "← Read the <a href=\"index.html\">full guide</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><h3><a> -msgid "" -"<a " -"href=\"https://fsf.org/share?u=https://u.fsf.org/zc&t=How public-key " -"encryption works. Infographic via %40fsf\">" -msgstr "" - -#. type: Content of: <html><body><header><div><h3> -msgid "  Share our infographic </a> with the hashtag #EmailSelfDefense" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><p><img> -msgid "View & share our infographic" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"index.html\">GNU/Linux</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"mac.html\" class=\"current\">Mac OS</a>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"This guide relies on software which is <a " -"href=\"https://www.gnu.org/philosophy/free-sw.html\">freely licensed</a>; " -"it's completely transparent and anyone can copy it or make their own " -"version. This makes it safer from surveillance than proprietary software " -"(like Windows or Mac OS). To defend your freedom as well as protect yourself " -"from surveillance, we recommend you switch to a free software operating " -"system like GNU/Linux. Learn more about free software at <a " -"href=\"https://u.fsf.org/ys\">fsf.org</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"To get started, you'll need the IceDove desktop email program installed on " -"your computer. For your system, IceDove may be known by the alternate name " -"\"Thunderbird.\" Email programs are another way to access the same email " -"accounts you can access in a browser (like Gmail), but provide extra " -"features." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 1.b</em> Get GnuPG by downloading GPGTools" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"GPGTools is a software package that includes GnuPG. <a " -"href=\"https://gpgtools.org/#gpgsuite\">Download</a> and install it, " -"choosing default options whenever asked. After it's installed, you can close " -"any windows that it creates." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"There are major security flaws in versions of GnuPG provided by GPGTools " -"prior to 2018.3. Make sure you have GPGTools 2018.3 or later." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.C: Tools -> Add-ons" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.C: Search Add-ons" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.C: Install Add-ons" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 1.c</em> Install the Enigmail plugin for your email program" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"There are major security flaws in Enigmail prior to version 2.0.7. Make sure " -"you have Enigmail 2.0.7 or later." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"For greater security against potential attacks, you can turn off " -"HTML. Instead, you can render the message body as plain text." -msgstr "" - -#. type: Content of: <html><body><header><div><h1> -msgid "Great job!" -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#6</em> Next steps" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"You've now completed the basics of email encryption with GnuPG, taking " -"action against bulk surveillance. These next steps will help make the most " -"of the work you've done." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Join the movement" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"You've just taken a huge step towards protecting your privacy online. But " -"each of us acting alone isn't enough. To topple bulk surveillance, we need " -"to build a movement for the autonomy and freedom of all computer users. Join " -"the Free Software Foundation's community to meet like-minded people and work " -"together for change." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"<small>Read <a href=\"https://www.fsf.org/twitter\">why GNU Social and " -"Mastodon are better than Twitter</a>, and <a " -"href=\"http://www.fsf.org/facebook\">why we don't use Facebook</a>.</small>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><p> -msgid "Low-volume mailing list" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><form> -msgid "" -"<input type=\"text\" value=\"Type your email...\" name=\"email-Primary\" " -"id=\"frmEmail\" /> <input type=\"submit\" value=\"Add me\" " -"name=\"_qf_Edit_next\" /> <input type=\"hidden\" " -"value=\"https://emailselfdefense.fsf.org/en/confirmation.html\" " -"name=\"postURL\" /> <input type=\"hidden\" value=\"1\" name=\"group[25]\" /> " -"<input type=\"hidden\" " -"value=\"https://my.fsf.org/civicrm/profile?reset=1&gid=391\" " -"name=\"cancelURL\" /> <input type=\"hidden\" value=\"Edit:cancel\" " -"name=\"_qf_default\" />" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><p> -msgid "" -"<small>Read our <a " -"href=\"https://my.fsf.org/donate/privacypolicy.html\">privacy " -"policy</a>.</small>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Bring Email Self-Defense to new people" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Understanding and setting up email encryption is a daunting task for " -"many. To welcome them, make it easy to find your public key and offer to " -"help with encryption. Here are some suggestions:" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"Lead an Email Self-Defense workshop for your friends and community, using " -"our <a href=\"workshops.html\">teaching guide</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"Use <a href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Encrypt " -"with me using Email Self-Defense %40fsf\">our sharing page</a> to compose a " -"message to a few friends and ask them to join you in using encrypted " -"email. Remember to include your GnuPG public key fingerprint so they can " -"easily download your key." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"Add your public key fingerprint anywhere that you normally display your " -"email address. Some good places are: your email signature (the text kind, " -"not the cryptographic kind), social media profiles, blogs, Websites, or " -"business cards. At the Free Software Foundation, we put ours on our <a " -"href=\"https://fsf.org/about/staff\">staff page</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Protect more of your digital life" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Learn surveillance-resistant technologies for instant messages, hard drive " -"storage, online sharing, and more at <a " -"href=\"https://directory.fsf.org/wiki/Collection:Privacy_pack\"> the Free " -"Software Directory's Privacy Pack</a> and <a " -"href=\"https://prism-break.org\">prism-break.org</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If you are using Windows, Mac OS or any other proprietary operating system, " -"we recommend you switch to a free software operating system like " -"GNU/Linux. This will make it much harder for attackers to enter your " -"computer through hidden back doors. Check out the Free Software Foundation's " -"<a href=\"http://www.gnu.org/distros/free-distros.html\">endorsed versions " -"of GNU/Linux.</a>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Optional: Add more email protection with Tor" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"<a href=\"https://www.torproject.org/about/overview.html.en\">The Onion " -"Router (Tor) network</a> wraps Internet communication in multiple layers of " -"encryption and bounces it around the world several times. When used " -"properly, Tor confuses surveillance field agents and the global surveillance " -"apparatus alike. Using it simultaneously with GnuPG's encryption will give " -"you the best results." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"To have your email program send and receive email over Tor, install the <a " -"href=\"https://addons.mozilla.org/en-us/thunderbird/addon/torbirdy/\">Torbirdy " -"plugin</a> the same way you installed Enigmail, by searching for it through " -"Add-ons." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Before beginning to check your email over Tor, make sure you understand <a " -"href=\"https://www.torproject.org/docs/faq.html.en#WhatProtectionsDoesTorProvide\"> " -"the security tradeoffs involved</a>. This <a " -"href=\"https://www.eff.org/pages/tor-and-https\">infographic</a> from our " -"friends at the Electronic Frontier Foundation demonstrates how Tor keeps you " -"secure." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Section 6: Next Steps" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "← <a href=\"index.html\">Return to the guide</a>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Make Email Self-Defense tools even better" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"<a href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">Leave " -"feedback and suggest improvements to this guide</a>. We welcome " -"translations, but we ask that you contact us at <a " -"href=\"mailto:campaigns@fsf.org\">campaigns@fsf.org</a> before you start, so " -"that we can connect you with other translators working in your language." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If you like programming, you can contribute code to <a " -"href=\"https://www.gnupg.org/\">GnuPG</a> or <a " -"href=\"https://www.enigmail.net/home/index.php\">Enigmail</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"To go the extra mile, support the Free Software Foundation so we can keep " -"improving Email Self-Defense, and make more tools like it." -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"windows.html\" class=\"current\">Windows</a>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 1.b</em> Get GnuPG by downloading GPG4Win" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"GPG4Win is a software package that includes GnuPG. <a " -"href=\"https://www.gpg4win.org/\">Download</a> and install it, choosing " -"default options whenever asked. After it's installed, you can close any " -"windows that it creates." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"There are major security flaws in versions of GnuPG provided by GPG4Win " -"prior to 3.1.2. Make sure you have GPG4Win 3.1.2 or later." -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"workshops.html\" class=\"current\">Teach your friends</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li><a> -msgid "" -"<a href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Email " -"encryption for everyone via %40fsf\">Share " -msgstr "" - -#. type: Content of: <html><body><header><div><div><div><p> -msgid "" -"We want to translate this guide into more languages, and make a version for " -"encryption on mobile devices. Please donate, and help people around the " -"world take the first step towards protecting their privacy with free " -"software." -msgstr "" - -#. type: Content of: <html><body><header><div><div><p><a> -msgid "" -"<a id=\"infographic\" " -"href=\"https://emailselfdefense.fsf.org/en/infographic.html\">" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img> -msgid "View & share our infographic →" -msgstr "" - -#. type: Content of: <html><body><header><div><div><p> -msgid "" -"</a> Understanding and setting up email encryption sounds like a daunting " -"task to many people. That's why helping your friends with GnuPG plays such " -"an important role in helping spread encryption. Even if only one person " -"shows up, that's still one more person using encryption who wasn't " -"before. You have the power to help your friends keep their digital love " -"letters private, and teach them about the importance of free software. If " -"you use GnuPG to send and receive encrypted email, you're a perfect " -"candidate for leading a workshop!" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><p><img> -msgid "A small workshop among friends" -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#1</em> Get your friends or community interested" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"If you hear friends grumbling about their lack of privacy, ask them if " -"they're interested in attending a workshop on Email Self-Defense. If your " -"friends don't grumble about privacy, they may need some convincing. You " -"might even hear the classic \"if you've got nothing to hide, you've got " -"nothing to fear\" argument against using encryption." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Here are some talking points you can use to help explain why it's worth it " -"to learn GnuPG. Mix and match whichever you think will make sense to your " -"community:" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Strength in numbers" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Each person who chooses to resist mass surveillance with encryption makes it " -"easier for others to resist as well. People normalizing the use of strong " -"encryption has multiple powerful effects: it means those who need privacy " -"the most, like potential whistle-blowers and activists, are more likely to " -"learn about encryption. More people using encryption for more things also " -"makes it harder for surveillance systems to single out those that can't " -"afford to be found, and shows solidarity with those people." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "People you respect may already be using encryption" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Many journalists, whistleblowers, activists, and researchers use GnuPG, so " -"your friends might unknowingly have heard of a few people who use it " -"already. You can search for \"BEGIN PUBLIC KEY BLOCK\" + keyword to help " -"make a list of people and organizations who use GnuPG whom your community " -"will likely recognize." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Respect your friends' privacy" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"There's no objective way to judge what constitutes privacy-sensitive " -"correspondence. As such, it's better not to presume that just because you " -"find an email you sent to a friend innocuous, your friend (or a surveillance " -"agent, for that matter!) feels the same way. Show your friends respect by " -"encrypting your correspondence with them." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Privacy technology is normal in the physical world" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"In the physical realm, we take window blinds, envelopes, and closed doors " -"for granted as ways of protecting our privacy. Why should the digital realm " -"be any different?" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "We shouldn't have to trust our email providers with our privacy" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Some email providers are very trustworthy, but many have incentives not to " -"protect your privacy and security. To be empowered digital citizens, we need " -"to build our own security from the bottom up." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#2</em> Plan The Workshop" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Once you've got at least one interested friend, pick a date and start " -"planning out the workshop. Tell participants to bring their computer and ID " -"(for signing each other's keys). If you'd like to make it easy for the " -"participants to use Diceware for choosing passwords, get a pack of dice " -"beforehand. Make sure the location you select has an easily accessible " -"Internet connection, and make backup plans in case the connection stops " -"working on the day of the workshop. Libraries, coffee shops, and community " -"centers make great locations. Try to get all the participants to set up an " -"Enigmail-compatible email client before the event. Direct them to their " -"email provider's IT department or help page if they run into errors." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Estimate that the workshop will take at least forty minutes plus ten minutes " -"for each participant. Plan extra time for questions and technical glitches." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"The success of the workshop requires understanding and catering to the " -"unique backgrounds and needs of each group of participants. Workshops should " -"stay small, so that each participant receives more individualized " -"instruction. If more than a handful of people want to participate, keep the " -"facilitator to participant ratio high by recruiting more facilitators, or by " -"facilitating multiple workshops. Small workshops among friends work great!" -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#3</em> Follow the guide as a group" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Work through the Email Self-Defense guide a step at a time as a group. Talk " -"about the steps in detail, but make sure not to overload the participants " -"with minutia. Pitch the bulk of your instructions to the least tech-savvy " -"participants. Make sure all the participants complete each step before the " -"group moves on to the next one. Consider facilitating secondary workshops " -"afterwards for people that had trouble grasping the concepts, or those that " -"grasped them quickly and want to learn more." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"In <a href=\"index.html#section2\">Section 2</a> of the guide, make sure the " -"participants upload their keys to the same keyserver so that they can " -"immediately download each other's keys later (sometimes there is a delay in " -"synchronization between keyservers). During <a " -"href=\"index.html#section3\">Section 3</a>, give the participants the option " -"to send test messages to each other instead of or as well as " -"Edward. Similarly, in <a href=\"index.html#section4\">Section 4</a>, " -"encourage the participants to sign each other's keys. At the end, make sure " -"to remind people to safely back up their revocation certificates." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#4</em> Explain the pitfalls" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Remind participants that encryption works only when it's explicitly used; " -"they won't be able to send an encrypted email to someone who hasn't already " -"set up encryption. Also remind participants to double-check the encryption " -"icon before hitting send, and that subjects and timestamps are never " -"encrypted." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Explain the <a " -"href=\"https://www.gnu.org/proprietary/proprietary.html\">dangers of running " -"a proprietary system</a> and advocate for free software, because without it, " -"we can't <a " -"href=\"https://www.fsf.org/bulletin/2013/fall/how-can-free-software-protect-us-from-surveillance\">meaningfully " -"resist invasions of our digital privacy and autonomy</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#5</em> Share additional resources" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"GnuPG's advanced options are far too complex to teach in a single " -"workshop. If participants want to know more, point out the advanced " -"subsections in the guide and consider organizing another workshop. You can " -"also share <a " -"href=\"https://www.gnupg.org/documentation/index.html\">GnuPG's</a> and <a " -"href=\"https://www.enigmail.net/index.php/documentation\">Enigmail's</a> " -"official documentation and mailing lists. Many GNU/Linux distribution's Web " -"sites also contain a page explaining some of GnuPG's advanced features." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#6</em> Follow up" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Make sure everyone has shared email addresses and public key fingerprints " -"before they leave. Encourage the participants to continue to gain GnuPG " -"experience by emailing each other. Send them each an encrypted email one " -"week after the event, reminding them to try adding their public key ID to " -"places where they publicly list their email address." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"If you have any suggestions for improving this workshop guide, please let us " -"know at <a href=\"mailto:campaigns@fsf.org\">campaigns@fsf.org</a>." -msgstr "" -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Free Software Foundation, Inc. -# This file is distributed under the same license as the PACKAGE package. -# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. -# -msgid "" -msgstr "" -"Project-Id-Version: emailselfdefense 4.0\n" -"POT-Creation-Date: 2020-06-25 17:51+0200\n" -"PO-Revision-Date: 2020-12-14 23:22+0200\n" -"Last-Translator: Andrew V. Isakov <andrij.isakov@gmail.com>\n" -"Language-Team: \n" -"Language: ua\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" - -#. type: Attribute 'lang' of: <html> -msgid "en" -msgstr "en" - -#. type: Attribute 'content' of: <html><head><meta> -msgid "text/html; charset=utf-8" -msgstr "text/html; charset=utf-8" - -#. type: Content of: <html><head><title> -msgid "Email Self-Defense - a guide to fighting surveillance with GnuPG encryption" -msgstr "E-mail самозахист - довідник боротьби проти налгяду з допомогою GnuPG шифрування" - -#. type: Attribute 'content' of: <html><head><meta> -msgid "GnuPG, GPG, openpgp, surveillance, privacy, email, Enigmail" -msgstr "" - -# може краще "свободу самовираження"? -#. type: Attribute 'content' of: <html><head><meta> -msgid "" -"Email surveillance violates our fundamental rights and makes free speech " -"risky. This guide will teach you email self-defense in 40 minutes with " -"GnuPG." -msgstr "E-mail нагляд порушує наші найфундаментальніші права та робить свободу слова ризикованою. Цей довідник навчить вас e-mail самозахисту всього за 40 хвилин з GnuPG." - -#. type: Attribute 'content' of: <html><head><meta> -msgid "width=device-width, initial-scale=1" -msgstr "width=device-width, initial-scale=1" - -#. type: Content of: <html><body><header><div><p> -msgid "" -"<strong>Please check your email for a confirmation link now. Thanks for " -"joining our list!</strong>" -msgstr "<strong>Будь ласка перевірте чи прийшло на вашу електронну пошту посилання з підтвердженням. Щиро дякуємо, що долучаєтесь до розсилки!</strong>" - -#. type: Content of: <html><body><header><div><p> -msgid "" -"If you don't receive the confirmation link, send us an email at info@fsf.org " -"to be added manually." -msgstr "Якщо ви не отримаєте посилання з підтвердженням, надішліть нам листа на info@fsf.org аби ми вас додали вручну." - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Try it out." -msgstr "Спробуйте." - -#. type: Content of: <html><body><header><div><p> -msgid "Join us on microblogging services for day-to-day updates:" -msgstr "Приєднуйтесь до нас на сервісах мікроблоггінгу для щоденних оновлень:" - -#. type: Content of: <html><body><section><div><div><div><p><a> -msgid "<a href=\"https://status.fsf.org/fsf\">" -msgstr "<a href=\"https://status.fsf.org/fsf\">" - -#. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> -msgid "[GNU Social]" -msgstr "[GNU Social]" - -#. type: Content of: <html><body><section><div><div><div><p><a> -msgid " GNU Social</a>  |  <a href=\"https://hostux.social/@fsf\">" -msgstr " GNU Social</a>  |  <a href=\"https://hostux.social/@fsf\">" - -#. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> -msgid "[Mastodon]" -msgstr "[Mastodon]" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -" Mastodon</a>  |  <a " -"href=\"https://www.twitter.com/fsf\">Twitter</a>" -msgstr " Mastodon</a>  |  <a href=\"https://www.twitter.com/fsf\">Twitter</a>" - -#. type: Content of: <html><body><header><div><p> -msgid "" -"<small><a href=\"https://www.fsf.org/twitter\">Read why GNU Social and " -"Mastodon are better than Twitter.</a></small>" -msgstr "<small><a href=\"https://www.fsf.org/twitter\">Читайте чому GNU Social and Mastodon кращі за Twitter.</a></small>" - -#. type: Content of: <html><body><header><div><p> -msgid "← Return to <a href=\"index.html\">Email Self-Defense</a>" -msgstr "← Повернутися на <a href=\"index.html\">E-mail самозахист</a>" - -#. type: Content of: <html><body><footer><div><div><h4><a> -msgid "<a href=\"https://u.fsf.org/ys\">" -msgstr "<a href=\"https://u.fsf.org/ys\">" - -#. type: Attribute 'alt' of: <html><body><footer><div><div><h4><a><img> -msgid "Free Software Foundation" -msgstr "Free Software Foundation" - -#. type: Content of: <html><body><footer><div><p> -msgid "</a>" -msgstr "</a>" - -#. type: Content of: <html><body><footer><div><div><p> -msgid "" -"Copyright © 2014-2016 <a href=\"https://u.fsf.org/ys\">Free Software " -"Foundation</a>, Inc. <a " -"href=\"https://my.fsf.org/donate/privacypolicy.html\">Privacy " -"Policy</a>. Please support our work by <a " -"href=\"https://u.fsf.org/yr\">joining us as an associate member.</a>" -msgstr "Copyright © 2014-2016 <a href=\"https://u.fsf.org/ys\">Free Software Foundation</a>, Inc. <a href=\"https://my.fsf.org/donate/privacypolicy.html\">Політика конфіденційності</a>. Будь ласка підтримайте нашу роботу, <a href=\"https://u.fsf.org/yr\">долучаючись до нас як асоційований партнер.</a>" - -#. type: Content of: <html><body><footer><div><div><p> -msgid "" -"The images on this page are under a <a " -"href=\"https://creativecommons.org/licenses/by/4.0/\">Creative Commons " -"Attribution 4.0 license (or later version)</a>, and the rest of it is under " -"a <a href=\"https://creativecommons.org/licenses/by-sa/4.0\">Creative " -"Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download " -"the <a " -"href=\"http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz\"> " -"source code of Edward reply bot</a> by Andrew Engelbrecht " -"<andrew@engelbrecht.io> and Josh Drake <zamnedix@gnu.org>, " -"available under the GNU Affero General Public License. <a " -"href=\"http://www.gnu.org/licenses/license-list.html#OtherLicenses\">Why " -"these licenses?</a>" -msgstr "Зображення на цій сторінці ліцензуються <a href=\"https://creativecommons.org/licenses/by/4.0/\">Creative Commons Attribution 4.0 ліцензією (чи пізнішою версією)</a>, всі інші елементи ліцензуються <a href=\"https://creativecommons.org/licenses/by-sa/4.0\">Creative Commons Attribution-ShareAlike 4.0 ліцензією (чи пізнішою версією)</a>. Завантажити <a href=\"http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz\"> вихідний код Едварда, бота-відповідача,</a> створеного Андрієм Енгельбрехтом (Andrew Engelbrecht) <andrew@engelbrecht.io> та Джошем Дрейком (Josh Drake) <zamnedix@gnu.org>, доступним за ліцензією GNU Affero General Public License. <a href=\"http://www.gnu.org/licenses/license-list.html#OtherLicenses\">Чому ці ліцензії?</a>" - -#. type: Content of: <html><body><footer><div><div><p> -msgid "" -"Fonts used in the guide & infographic: <a " -"href=\"https://www.google.com/fonts/specimen/Dosis\">Dosis</a> by Pablo " -"Impallari, <a " -"href=\"http://www.google.com/fonts/specimen/Signika\">Signika</a> by Anna " -"Giedryś, <a " -"href=\"http://www.google.com/fonts/specimen/Archivo+Narrow\">Archivo " -"Narrow</a> by Omnibus-Type, <a " -"href=\"https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls\">PXL-2000</a> " -"by Florian Cramer." -msgstr "Шрифти використані в цьому довіднику & інфографіка: <a href=\"https://www.google.com/fonts/specimen/Dosis\">Dosis</a> by Pablo Impallari, <a href=\"http://www.google.com/fonts/specimen/Signika\">Signika</a> by Anna Giedryś, <a href=\"http://www.google.com/fonts/specimen/Archivo+Narrow\">Archivo Narrow</a> by Omnibus-Type, <a href=\"https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls\">PXL-2000</a> by Florian Cramer." - -#. type: Content of: <html><body><footer><div><div><p> -msgid "" -"Download the <a href=\"emailselfdefense_source.zip\">source package</a> for " -"this guide, including fonts, image source files and the text of Edward's " -"messages." -msgstr "Завантажити <a href=\"emailselfdefense_source.zip\">архів з вихідним кодом</a> для цього довідника, включно з шрифтами, вихідними зображеннями та текстом повідомлень Едварда." - -#. type: Content of: <html><body><footer><div><div><p> -msgid "" -"This site uses the Weblabels standard for labeling <a " -"href=\"https://www.fsf.org/campaigns/freejs\">free JavaScript</a>. View the " -"JavaScript <a href=\"//weblabels.fsf.org/emailselfdefense.fsf.org/\" " -"rel=\"jslicense\">source code and license information</a>." -msgstr "Цей сайт використовує Weblabels стандарт для маркування <a href=\"https://www.fsf.org/campaigns/freejs\">вільного JavaScript</a>. Переглянути вихідний код та інформацію про ліцензування <a href=\"//weblabels.fsf.org/emailselfdefense.fsf.org/\" rel=\"jslicense\">JavaScript</a>." - -#. type: Content of: <html><body><footer><div><p><a> -msgid "" -"Infographic and guide design by <a rel=\"external\" " -"href=\"http://jplusplus.org\"><strong>Journalism++</strong>" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><footer><div><p><a><img> -msgid "Journalism++" -msgstr "" - -#. type: Content of: <html><body><header><div><h1> -msgid "Email Self-Defense" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a class=\"current\" href=\"/en\">English - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ar\">العربية <span class=\"tip\">tip</span></a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/cs\">čeÅ¡tina - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/de\">Deutsch - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/el\">ελληνικά - v3.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/es\">español - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/fa\">فارسی - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/fr\">français - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/it\">italiano - v3.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ja\">日本語 - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ko\">한국어 <span class=\"tip\">tip</span></a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ml\">മലയാളം <span class=\"tip\">tip</span></a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/pt-br\">português do Brasil - v3.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ro\">română - v3.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/ru\">русский - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/sq\">Shqip - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/sv\">svenska - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/tr\">Türkçe - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"/zh-hans\">简体中文 - v4.0</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "" -"<a href=\"https://libreplanet.org/wiki/GPG_guide/Translation_Guide\"> " -"<strong><span style=\"color: #2F5FAA;\">Translate!</span></strong></a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"index.html\" class=\"current\">GNU/Linux</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"mac.html\">Mac OS</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"windows.html\">Windows</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"workshops.html\">Teach your friends</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li><a> -msgid "" -"<a href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Email " -"encryption for everyone via %40fsf\"> Share " -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li><a> -msgid " " -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> -msgid "[Reddit]" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> -msgid "[Hacker News]" -msgstr "" - -#. type: Content of: <html><body><header><div><div><h3><a> -msgid "<a href=\"http://u.fsf.org/ys\">" -msgstr "" - -#. type: Content of: <html><body><header><div><div><div><p> -msgid "" -"We fight for computer users' rights, and promote the development of free (as " -"in freedom) software. Resisting bulk surveillance is very important to us." -msgstr "" - -#. type: Content of: <html><body><header><div><div><div><p> -msgid "" -"<strong>Please donate to support Email Self-Defense. We need to keep " -"improving it, and making more materials, for the benefit of people around " -"the world taking the first step towards protecting their privacy.</strong>" -msgstr "" - -#. type: Content of: <html><body><header><div><div><p><a> -msgid "" -"<a " -"href=\"https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate\">" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img> -msgid "Donate" -msgstr "" - -#. type: Content of: <html><body><header><div><div><p><a> -msgid "<a id=\"infographic\" href=\"infographic.html\">" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img> -msgid "View & share our infographic →" -msgstr "" - -#. type: Content of: <html><body><header><div><div><p> -msgid "" -"</a> Bulk surveillance violates our fundamental rights and makes free speech " -"risky. This guide will teach you a basic surveillance self-defense skill: " -"email encryption. Once you've finished, you'll be able to send and receive " -"emails that are scrambled to make sure a surveillance agent or thief " -"intercepting your email can't read them. All you need is a computer with an " -"Internet connection, an email account, and about forty minutes." -msgstr "" - -#. type: Content of: <html><body><header><div><div><p> -msgid "" -"Even if you have nothing to hide, using encryption helps protect the privacy " -"of people you communicate with, and makes life difficult for bulk " -"surveillance systems. If you do have something important to hide, you're in " -"good company; these are the same tools that whistleblowers use to protect " -"their identities while shining light on human rights abuses, corruption and " -"other crimes." -msgstr "" - -#. type: Content of: <html><body><header><div><div><p> -msgid "" -"In addition to using encryption, standing up to surveillance requires " -"fighting politically for a <a " -"href=\"http://gnu.org/philosophy/surveillance-vs-democracy.html\">reduction " -"in the amount of data collected on us</a>, but the essential first step is " -"to protect yourself and make surveillance of your communication as difficult " -"as possible. This guide helps you do that. It is designed for beginners, but " -"if you already know the basics of GnuPG or are an experienced free software " -"user, you'll enjoy the advanced tips and the <a " -"href=\"workshops.html\">guide to teaching your friends</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#1</em> Get the pieces" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"This guide relies on software which is <a " -"href=\"https://www.gnu.org/philosophy/free-sw.html\">freely licensed</a>; " -"it's completely transparent and anyone can copy it or make their own " -"version. This makes it safer from surveillance than proprietary software " -"(like Windows). Learn more about free software at <a " -"href=\"https://u.fsf.org/ys\">fsf.org</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Most GNU/Linux operating systems come with GnuPG installed on them, so you " -"don't have to download it. Before configuring GnuPG though, you'll need the " -"IceDove desktop email program installed on your computer. Most GNU/Linux " -"distributions have IceDove installed already, though it may be under the " -"alternate name \"Thunderbird.\" Email programs are another way to access the " -"same email accounts you can access in a browser (like Gmail), but provide " -"extra features." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"If you already have an email program, you can skip to <a " -"href=\"#step-1b\">Step 1.b</a>." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Step 1.A: Install Wizard" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 1.a</em> Set up your email program with your email account" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Open your email program and follow the wizard (step-by-step walkthrough) " -"that sets it up with your email account." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Look for the letters SSL, TLS, or STARTTLS to the right of the servers when " -"you're setting up your account. If you don't see them, you will still be " -"able to use encryption, but this means that the people running your email " -"system are running behind the industry standard in protecting your security " -"and privacy. We recommend that you send them a friendly email asking them to " -"enable SSL, TLS, or STARTTLS for your email server. They will know what " -"you're talking about, so it's worth making the request even if you aren't an " -"expert on these security systems." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><h4> -msgid "Troubleshooting" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "The wizard doesn't launch" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"You can launch the wizard yourself, but the menu option for doing so is " -"named differently in each email program. The button to launch it will be in " -"the program's main menu, under \"New\" or something similar, titled " -"something like \"Add account\" or \"New/Existing email account.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "The wizard can't find my account or isn't downloading my mail" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Before searching the Web, we recommend you start by asking other people who " -"use your email system, to figure out the correct settings." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Don't see a solution to your problem?" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Please let us know on the <a " -"href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">feedback " -"page</a>." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.B: Tools -> Add-ons" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.B: Search Add-ons" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.B: Install Add-ons" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 1.b</em> Install the Enigmail plugin for your email program" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"In your email program's menu, select Add-ons (it may be in the Tools " -"section). Make sure Extensions is selected on the left. Do you see Enigmail? " -"Make sure it's the latest version. If so, skip this step." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If not, search \"Enigmail\" with the search bar in the upper right. You can " -"take it from here. Restart your email program when you're done." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"There are major security flaws in versions of GnuPG prior to 2.2.8, and " -"Enigmail prior to 2.0.7. Make sure you have GnuPG 2.2.8 and Enigmail 2.0.7, " -"or later versions." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "I can't find the menu." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"In many new email programs, the main menu is represented by an image of " -"three stacked horizontal bars." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "My email looks weird" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Enigmail doesn't tend to play nice with HTML, which is used to format " -"emails, so it may disable your HTML formatting automatically. To send an " -"HTML-formatted email without encryption or a signature, hold down the Shift " -"key when you select compose. You can then write an email as if Enigmail " -"wasn't there." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#2</em> Make your keys" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"To use the GnuPG system, you'll need a public key and a private key (known " -"together as a keypair). Each is a long string of randomly generated numbers " -"and letters that are unique to you. Your public and private keys are linked " -"together by a special mathematical function." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Your public key isn't like a physical key, because it's stored in the open " -"in an online directory called a keyserver. People download it and use it, " -"along with GnuPG, to encrypt emails they send to you. You can think of the " -"keyserver as a phonebook; people who want to send you encrypted email can " -"look up your public key." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Your private key is more like a physical key, because you keep it to " -"yourself (on your computer). You use GnuPG and your private key together to " -"descramble encrypted emails other people send to you. <span " -"style=\"font-weight: bold;\">You should never share your private key with " -"anyone, under any circumstances.</span>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"In addition to encryption and decryption, you can also use these keys to " -"sign messages and check the authenticity of other people's signatures. We'll " -"discuss this more in the next section." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Step 2.A: Make a Keypair" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 2.a</em> Make a keypair" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"The Enigmail Setup wizard may start automatically. If it doesn't, select " -"Enigmail → Setup Wizard from your email program's menu. You don't need " -"to read the text in the window that pops up unless you'd like to, but it's " -"good to read the text on the later screens of the wizard. Click Next with " -"the default options selected, except in these instances, which are listed in " -"the order they appear:" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"On the screen titled \"Encryption,\" select \"Encrypt all of my messages by " -"default, because privacy is critical to me.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"On the screen titled \"Signing,\" select \"Don't sign my messages by " -"default.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"On the screen titled \"Key Selection,\" select \"I want to create a new key " -"pair for signing and encrypting my email.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"On the screen titled \"Create Key,\" pick a strong password! You can do it " -"manually, or you can use the Diceware method. Doing it manually is faster " -"but not as secure. Using Diceware takes longer and requires dice, but " -"creates a password that is much harder for attackers to figure out. To use " -"it, read the section \"Make a secure passphrase with Diceware\" in <a " -"href=\"https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/\"> " -"this article</a> by Micah Lee." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If you'd like to pick a password manually, come up with something you can " -"remember which is at least twelve characters long, and includes at least one " -"lower case and upper case letter and at least one number or punctuation " -"symbol. Never pick a password you've used elsewhere. Don't use any " -"recognizable patterns, such as birthdays, telephone numbers, pets' names, " -"song lyrics, quotes from books, and so on." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"The program will take a little while to finish the next step, the \"Key " -"Creation\" screen. While you wait, do something else with your computer, " -"like watching a movie or browsing the Web. The more you use the computer at " -"this point, the faster the key creation will go." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"<span style=\"font-weight: bold;\">When the \"Key Generation Completed\" " -"screen pops up, select Generate Certificate and choose to save it in a safe " -"place on your computer (we recommend making a folder called \"Revocation " -"Certificate\" in your home folder and keeping it there). This step is " -"essential for your email self-defense, as you'll learn more about in <a " -"href=\"#section5\">Section 5</a>.</span>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "I can't find the Enigmail menu." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"In many new email programs, the main menu is represented by an image of " -"three stacked horizontal bars. Enigmail may be inside a section called " -"Tools." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "The wizard says that it cannot find GnuPG." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Open whatever program you usually use for installing software, and search " -"for GnuPG, then install it. Then restart the Enigmail setup wizard by going " -"to Enigmail → Setup Wizard." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "More resources" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"If you're having trouble with our instructions or just want to learn more, " -"check out <a " -"href=\"https://www.enigmail.net/documentation/Key_Management#Generating_your_own_key_pair\"> " -"Enigmail's wiki instructions for key generation</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><h4> -msgid "Advanced" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Command line key generation" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"If you prefer using the command line for a higher degree of control, you can " -"follow the documentation from <a " -"href=\"https://www.gnupg.org/gph/en/manual/c14.html#AEN25\">The GNU Privacy " -"Handbook</a>. Make sure you stick with \"RSA and RSA\" (the default), " -"because it's newer and more secure than the algorithms the documentation " -"recommends. Also make sure your key is at least 2048 bits, or 4096 if you " -"want to be extra secure." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Advanced key pairs" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"When GnuPG creates a new keypair, it compartmentalizes the encryption " -"function from the signing function through <a " -"href=\"https://wiki.debian.org/Subkeys\">subkeys</a>. If you use subkeys " -"carefully, you can keep your GnuPG identity much more secure and recover " -"from a compromised key much more quickly. <a " -"href=\"https://alexcabal.com/creating-the-perfect-gpg-keypair/\">Alex " -"Cabal</a> and <a href=\"http://keyring.debian.org/creating-key.html\">the " -"Debian wiki</a> provide good guides for setting up a secure subkey " -"configuration." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 2.b</em> Upload your public key to a keyserver" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "In your email program's menu, select Enigmail → Key Management." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Right click on your key and select Upload Public Keys to Keyserver. You " -"don't have to use the default keyserver. If, after research, you would like " -"to change to a different default keyserver, you can change that setting " -"manually in the Enigmail preferences." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Now someone who wants to send you an encrypted message can download your " -"public key from the Internet. There are multiple keyservers that you can " -"select from the menu when you upload, but they are all copies of each other, " -"so it doesn't matter which one you use. However, it sometimes takes a few " -"hours for them to match each other when a new key is uploaded." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "The progress bar never finishes" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Close the upload popup, make sure you are connected to the Internet, and try " -"again. If that doesn't work, try again, selecting a different keyserver." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "My key doesn't appear in the list" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "Try checking \"Display All Keys by Default.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "More documentation" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"If you're having trouble with our instructions or just want to learn more, " -"check out <a " -"href=\"https://www.enigmail.net/documentation/Key_Management#Distributing_your_public_key\"> " -"Enigmail's documentation</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Uploading a key from the command line" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"You can also upload your keys to a keyserver through the <a " -"href=\"https://www.gnupg.org/gph/en/manual/x457.html\">command line</a>. <a " -"href=\"https://sks-keyservers.net/overview-of-pools.php\">The sks Web " -"site</a> maintains a list of highly interconnected keyservers. You can also " -"<a href=\"https://www.gnupg.org/gph/en/manual/x56.html#AEN64\">directly " -"export your key</a> as a file on your computer." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "GnuPG, OpenPGP, what?" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP are " -"used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the " -"encryption standard, and GNU Privacy Guard (often shortened to GPG or GnuPG) " -"is the program that implements the standard. Enigmail is a plug-in program " -"for your email program that provides an interface for GnuPG." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#3</em> Try it out!" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Now you'll try a test correspondence with a computer program named Edward, " -"who knows how to use encryption. Except where noted, these are the same " -"steps you'd follow when corresponding with a real, live person." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 3.a</em> Send Edward your public key" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"This is a special step that you won't have to do when corresponding with " -"real people. In your email program's menu, go to Enigmail → Key " -"Management. You should see your key in the list that pops up. Right click on " -"your key and select Send Public Keys by Email. This will create a new draft " -"message, as if you had just hit the Write button." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Address the message to <a " -"href=\"mailto:edward-en@fsf.org\">edward-en@fsf.org</a>. Put at least one " -"word (whatever you want) in the subject and body of the email. Don't send " -"yet." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"The lock icon in the top left should be yellow, meaning encryption is turned " -"on. We want this first special message to be unencrypted, so click the icon " -"once to turn it off. The lock should become grey, with a blue dot on it (to " -"alert you that the setting has been changed from the default). Once " -"encryption is off, hit Send." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"It may take two or three minutes for Edward to respond. In the meantime, you " -"might want to skip ahead and check out the <a href=\"#section5\">Use it " -"Well</a> section of this guide. Once he's responded, head to the next " -"step. From here on, you'll be doing just the same thing as when " -"corresponding with a real person." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"When you open Edward's reply, GnuPG may prompt you for your password before " -"using your private key to decrypt it." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 3.b</em> Send a test encrypted email" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Write a new email in your email program, addressed to <a " -"href=\"mailto:edward-en@fsf.org\">edward-en@fsf.org</a>. Make the subject " -"\"Encryption test\" or something similar and write something in the body." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"The lock icon in the top left of the window should be yellow, meaning " -"encryption is on. This will be your default from now on." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Next to the lock, you'll notice an icon of a pencil. We'll get to this in a " -"moment." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Click Send. Enigmail will pop up a window that says \"Recipients not valid, " -"not trusted or not found.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"To encrypt an email to Edward, you need his public key, so now you'll have " -"Enigmail download it from a keyserver. Click Download Missing Keys and use " -"the default in the pop-up that asks you to choose a keyserver. Once it finds " -"keys, check the first one (Key ID starting with C), then select ok. Select " -"ok in the next pop-up." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Now you are back at the \"Recipients not valid, not trusted or not found\" " -"screen. Check the box in front of Edward's key and click Send." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Since you encrypted this email with Edward's public key, Edward's private " -"key is required to decrypt it. Edward is the only one with his private key, " -"so no one except him can decrypt it." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Enigmail can't find Edward's key" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Close the pop-ups that have appeared since you clicked Send. Make sure you " -"are connected to the Internet and try again. If that doesn't work, repeat " -"the process, choosing a different keyserver when it asks you to pick one." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Unscrambled messages in the Sent folder" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Even though you can't decrypt messages encrypted to someone else's key, your " -"email program will automatically save a copy encrypted to your public key, " -"which you'll be able to view from the Sent folder like a normal email. This " -"is normal, and it doesn't mean that your email was not sent encrypted." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"If you're still having trouble with our instructions or just want to learn " -"more, check out <a " -"href=\"https://www.enigmail.net/documentation/Signature_and_Encryption#Encrypting_a_message\"> " -"Enigmail's wiki</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Encrypt messages from the command line" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"You can also encrypt and decrypt messages and files from the <a " -"href=\"https://www.gnupg.org/gph/en/manual/x110.html\">command line</a>, if " -"that's your preference. The option --armor makes the encrypted output appear " -"in the regular character set." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Important:</em> Security tips" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Even if you encrypt your email, the subject line is not encrypted, so don't " -"put private information there. The sending and receiving addresses aren't " -"encrypted either, so a surveillance system can still figure out who you're " -"communicating with. Also, surveillance agents will know that you're using " -"GnuPG, even if they can't figure out what you're saying. When you send " -"attachments, Enigmail will give you the choice to encrypt them or not, " -"independent of the actual email." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"For greater security against potential attacks, you can turn off " -"HTML. Instead, you can render the message body as plain text. In order to do " -"this in Thunderbird, go to View > Message Body As > Plain Text." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 3.c</em> Receive a response" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"When Edward receives your email, he will use his private key to decrypt it, " -"then reply to you." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"It may take two or three minutes for Edward to respond. In the meantime, you " -"might want to skip ahead and check out the <a href=\"#section5\">Use it " -"Well</a> section of this guide." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 3.d</em> Send a test signed email" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"GnuPG includes a way for you to sign messages and files, verifying that they " -"came from you and that they weren't tampered with along the way. These " -"signatures are stronger than their pen-and-paper cousins -- they're " -"impossible to forge, because they're impossible to create without your " -"private key (another reason to keep your private key safe)." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"You can sign messages to anyone, so it's a great way to make people aware " -"that you use GnuPG and that they can communicate with you securely. If they " -"don't have GnuPG, they will be able to read your message and see your " -"signature. If they do have GnuPG, they'll also be able to verify that your " -"signature is authentic." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"To sign an email to Edward, compose any message to him and click the pencil " -"icon next to the lock icon so that it turns gold. If you sign a message, " -"GnuPG may ask you for your password before it sends the message, because it " -"needs to unlock your private key for signing." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"With the lock and pencil icons, you can choose whether each message will be " -"encrypted, signed, both, or neither." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 3.e</em> Receive a response" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"When Edward receives your email, he will use your public key (which you sent " -"him in <a href=\"#step-3a\">Step 3.A</a>) to verify the message you sent has " -"not been tampered with and to encrypt his reply to you." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Edward's reply will arrive encrypted, because he prefers to use encryption " -"whenever possible. If everything goes according to plan, it should say " -"\"Your signature was verified.\" If your test signed email was also " -"encrypted, he will mention that first." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"When you receive Edward's email and open it, Enigmail will automatically " -"detect that it is encrypted with your public key, and then it will use your " -"private key to decrypt it." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Notice the bar that Enigmail shows you above the message, with information " -"about the status of Edward's key." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#4</em> Learn the Web of Trust" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Email encryption is a powerful technology, but it has a weakness; it " -"requires a way to verify that a person's public key is actually " -"theirs. Otherwise, there would be no way to stop an attacker from making an " -"email address with your friend's name, creating keys to go with it and " -"impersonating your friend. That's why the free software programmers that " -"developed email encryption created keysigning and the Web of Trust." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"When you sign someone's key, you are publicly saying that you've verified " -"that it belongs to them and not someone else." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Signing keys and signing messages use the same type of mathematical " -"operation, but they carry very different implications. It's a good practice " -"to generally sign your email, but if you casually sign people's keys, you " -"may accidently end up vouching for the identity of an imposter." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"People who use your public key can see who has signed it. Once you've used " -"GnuPG for a long time, your key may have hundreds of signatures. You can " -"consider a key to be more trustworthy if it has many signatures from people " -"that you trust. The Web of Trust is a constellation of GnuPG users, " -"connected to each other by chains of trust expressed through signatures." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Section 4: Web of Trust" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 4.a</em> Sign a key" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "In your email program's menu, go to Enigmail → Key Management." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Right click on Edward's public key and select Sign Key from the context " -"menu." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "In the window that pops up, select \"I will not answer\" and click ok." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Now you should be back at the Key Management menu. Select Keyserver → " -"Upload Public Keys and hit ok." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"You've just effectively said \"I trust that Edward's public key actually " -"belongs to Edward.\" This doesn't mean much because Edward isn't a real " -"person, but it's good practice." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Identifying keys: Fingerprints and IDs" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"People's public keys are usually identified by their key fingerprint, which " -"is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8 (for " -"Edward's key). You can see the fingerprint for your public key, and other " -"public keys saved on your computer, by going to Enigmail → Key " -"Management in your email program's menu, then right clicking on the key and " -"choosing Key Properties. It's good practice to share your fingerprint " -"wherever you share your email address, so that people can double-check that " -"they have the correct public key when they download yours from a keyserver." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"You may also see public keys referred to by a shorter key ID. This key ID is " -"visible directly from the Key Management window. These eight character key " -"IDs were previously used for identification, which used to be safe, but is " -"no longer reliable. You need to check the full fingerprint as part of " -"verifying you have the correct key for the person you are trying to " -"contact. Spoofing, in which someone intentionally generates a key with a " -"fingerprint whose final eight characters are the same as another, is " -"unfortunately common." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Important:</em> What to consider when signing keys" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Before signing a person's key, you need to be confident that it actually " -"belongs to them, and that they are who they say they are. Ideally, this " -"confidence comes from having interactions and conversations with them over " -"time, and witnessing interactions between them and others. Whenever signing " -"a key, ask to see the full public key fingerprint, and not just the shorter " -"key ID. If you feel it's important to sign the key of someone you've just " -"met, also ask them to show you their government identification, and make " -"sure the name on the ID matches the name on the public key. In Enigmail, " -"answer honestly in the window that pops up and asks \"How carefully have you " -"verified that the key you are about to sign actually belongs to the " -"person(s) named above?\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Master the Web of Trust" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"Unfortunately, trust does not spread between users the way <a " -"href=\"http://fennetic.net/irc/finney.org/~hal/web_of_trust.html\">many " -"people think</a>. One of best ways to strengthen the GnuPG community is to " -"deeply <a " -"href=\"https://www.gnupg.org/gph/en/manual/x334.html\">understand</a> the " -"Web of Trust and to carefully sign as many people's keys as circumstances " -"permit." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dt> -msgid "Set ownertrust" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><dl><dd> -msgid "" -"If you trust someone enough to validate other people's keys, you can assign " -"them an ownertrust level through Enigmails's key management window. Right " -"click on the other person's key, go to the \"Select Owner Trust\" menu " -"option, select the trustlevel and click OK. Only do this once you feel you " -"have a deep understanding of the Web of Trust." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#5</em> Use it well" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Everyone uses GnuPG a little differently, but it's important to follow some " -"basic practices to keep your email secure. Not following them, you risk the " -"privacy of the people you communicate with, as well as your own, and damage " -"the Web of Trust." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Section 5: Use it Well (1)" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "When should I encrypt? When should I sign?" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"The more you can encrypt your messages, the better. If you only encrypt " -"emails occasionally, each encrypted message could raise a red flag for " -"surveillance systems. If all or most of your email is encrypted, people " -"doing surveillance won't know where to start. That's not to say that only " -"encrypting some of your email isn't helpful -- it's a great start and it " -"makes bulk surveillance more difficult." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Unless you don't want to reveal your own identity (which requires other " -"protective measures), there's no reason not to sign every message, whether " -"or not you are encrypting. In addition to allowing those with GnuPG to " -"verify that the message came from you, signing is a non-intrusive way to " -"remind everyone that you use GnuPG and show support for secure " -"communication. If you often send signed messages to people that aren't " -"familiar with GnuPG, it's nice to also include a link to this guide in your " -"standard email signature (the text kind, not the cryptographic kind)." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Section 5: Use it Well (2)" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Be wary of invalid keys" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"GnuPG makes email safer, but it's still important to watch out for invalid " -"keys, which might have fallen into the wrong hands. Email encrypted with " -"invalid keys might be readable by surveillance programs." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"In your email program, go back to the first encrypted email that Edward sent " -"you. Because Edward encrypted it with your public key, it will have a " -"message from Enigmail at the top, which most likely says \"Enigmail: Part of " -"this message encrypted.\"" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"<b>When using GnuPG, make a habit of glancing at that bar. The program will " -"warn you there if you get an email signed with a key that can't be " -"trusted.</b>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Copy your revocation certificate to somewhere safe" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Remember when you created your keys and saved the revocation certificate " -"that GnuPG made? It's time to copy that certificate onto the safest digital " -"storage that you have -- the ideal thing is a flash drive, disk, or hard " -"drive stored in a safe place in your home, not on a device you carry with " -"you regularly." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If your private key ever gets lost or stolen, you'll need this certificate " -"file to let people know that you are no longer using that keypair." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Important:</em> act swiftly if someone gets your private key" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If you lose your private key or someone else gets ahold of it (say, by " -"stealing or cracking your computer), it's important to revoke it immediately " -"before someone else uses it to read your encrypted email or forge your " -"signature. This guide doesn't cover how to revoke a key, but you can follow " -"these <a " -"href=\"https://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/\">instructions</a>. " -"After you're done revoking, make a new key and send an email to everyone " -"with whom you usually use your key to make sure they know, including a copy " -"of your new key." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Webmail and GnuPG" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"When you use a web browser to access your email, you're using webmail, an " -"email program stored on a distant website. Unlike webmail, your desktop " -"email program runs on your own computer. Although webmail can't decrypt " -"encrypted email, it will still display it in its encrypted form. If you " -"primarily use webmail, you'll know to open your email client when you " -"receive a scrambled email." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<a href=\"next_steps.html\">Great job! Check out the next steps.</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><p> -msgid "← Read the <a href=\"index.html\">full guide</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><h3><a> -msgid "" -"<a " -"href=\"https://fsf.org/share?u=https://u.fsf.org/zc&t=How public-key " -"encryption works. Infographic via %40fsf\">" -msgstr "" - -#. type: Content of: <html><body><header><div><h3> -msgid "  Share our infographic </a> with the hashtag #EmailSelfDefense" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><p><img> -msgid "View & share our infographic" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"index.html\">GNU/Linux</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"mac.html\" class=\"current\">Mac OS</a>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"This guide relies on software which is <a " -"href=\"https://www.gnu.org/philosophy/free-sw.html\">freely licensed</a>; " -"it's completely transparent and anyone can copy it or make their own " -"version. This makes it safer from surveillance than proprietary software " -"(like Windows or Mac OS). To defend your freedom as well as protect yourself " -"from surveillance, we recommend you switch to a free software operating " -"system like GNU/Linux. Learn more about free software at <a " -"href=\"https://u.fsf.org/ys\">fsf.org</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"To get started, you'll need the IceDove desktop email program installed on " -"your computer. For your system, IceDove may be known by the alternate name " -"\"Thunderbird.\" Email programs are another way to access the same email " -"accounts you can access in a browser (like Gmail), but provide extra " -"features." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 1.b</em> Get GnuPG by downloading GPGTools" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"GPGTools is a software package that includes GnuPG. <a " -"href=\"https://gpgtools.org/#gpgsuite\">Download</a> and install it, " -"choosing default options whenever asked. After it's installed, you can close " -"any windows that it creates." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"There are major security flaws in versions of GnuPG provided by GPGTools " -"prior to 2018.3. Make sure you have GPGTools 2018.3 or later." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.C: Tools -> Add-ons" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.C: Search Add-ons" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img> -msgid "Step 1.C: Install Add-ons" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 1.c</em> Install the Enigmail plugin for your email program" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"There are major security flaws in Enigmail prior to version 2.0.7. Make sure " -"you have Enigmail 2.0.7 or later." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"For greater security against potential attacks, you can turn off " -"HTML. Instead, you can render the message body as plain text." -msgstr "" - -#. type: Content of: <html><body><header><div><h1> -msgid "Great job!" -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#6</em> Next steps" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"You've now completed the basics of email encryption with GnuPG, taking " -"action against bulk surveillance. These next steps will help make the most " -"of the work you've done." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Join the movement" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"You've just taken a huge step towards protecting your privacy online. But " -"each of us acting alone isn't enough. To topple bulk surveillance, we need " -"to build a movement for the autonomy and freedom of all computer users. Join " -"the Free Software Foundation's community to meet like-minded people and work " -"together for change." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"<small>Read <a href=\"https://www.fsf.org/twitter\">why GNU Social and " -"Mastodon are better than Twitter</a>, and <a " -"href=\"http://www.fsf.org/facebook\">why we don't use Facebook</a>.</small>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><p> -msgid "Low-volume mailing list" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><form> -msgid "" -"<input type=\"text\" value=\"Type your email...\" name=\"email-Primary\" " -"id=\"frmEmail\" /> <input type=\"submit\" value=\"Add me\" " -"name=\"_qf_Edit_next\" /> <input type=\"hidden\" " -"value=\"https://emailselfdefense.fsf.org/en/confirmation.html\" " -"name=\"postURL\" /> <input type=\"hidden\" value=\"1\" name=\"group[25]\" /> " -"<input type=\"hidden\" " -"value=\"https://my.fsf.org/civicrm/profile?reset=1&gid=391\" " -"name=\"cancelURL\" /> <input type=\"hidden\" value=\"Edit:cancel\" " -"name=\"_qf_default\" />" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><div><p> -msgid "" -"<small>Read our <a " -"href=\"https://my.fsf.org/donate/privacypolicy.html\">privacy " -"policy</a>.</small>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Bring Email Self-Defense to new people" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Understanding and setting up email encryption is a daunting task for " -"many. To welcome them, make it easy to find your public key and offer to " -"help with encryption. Here are some suggestions:" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"Lead an Email Self-Defense workshop for your friends and community, using " -"our <a href=\"workshops.html\">teaching guide</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"Use <a href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Encrypt " -"with me using Email Self-Defense %40fsf\">our sharing page</a> to compose a " -"message to a few friends and ask them to join you in using encrypted " -"email. Remember to include your GnuPG public key fingerprint so they can " -"easily download your key." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><ul><li> -msgid "" -"Add your public key fingerprint anywhere that you normally display your " -"email address. Some good places are: your email signature (the text kind, " -"not the cryptographic kind), social media profiles, blogs, Websites, or " -"business cards. At the Free Software Foundation, we put ours on our <a " -"href=\"https://fsf.org/about/staff\">staff page</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Protect more of your digital life" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Learn surveillance-resistant technologies for instant messages, hard drive " -"storage, online sharing, and more at <a " -"href=\"https://directory.fsf.org/wiki/Collection:Privacy_pack\"> the Free " -"Software Directory's Privacy Pack</a> and <a " -"href=\"https://prism-break.org\">prism-break.org</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If you are using Windows, Mac OS or any other proprietary operating system, " -"we recommend you switch to a free software operating system like " -"GNU/Linux. This will make it much harder for attackers to enter your " -"computer through hidden back doors. Check out the Free Software Foundation's " -"<a href=\"http://www.gnu.org/distros/free-distros.html\">endorsed versions " -"of GNU/Linux.</a>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Optional: Add more email protection with Tor" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"<a href=\"https://www.torproject.org/about/overview.html.en\">The Onion " -"Router (Tor) network</a> wraps Internet communication in multiple layers of " -"encryption and bounces it around the world several times. When used " -"properly, Tor confuses surveillance field agents and the global surveillance " -"apparatus alike. Using it simultaneously with GnuPG's encryption will give " -"you the best results." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"To have your email program send and receive email over Tor, install the <a " -"href=\"https://addons.mozilla.org/en-us/thunderbird/addon/torbirdy/\">Torbirdy " -"plugin</a> the same way you installed Enigmail, by searching for it through " -"Add-ons." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Before beginning to check your email over Tor, make sure you understand <a " -"href=\"https://www.torproject.org/docs/faq.html.en#WhatProtectionsDoesTorProvide\"> " -"the security tradeoffs involved</a>. This <a " -"href=\"https://www.eff.org/pages/tor-and-https\">infographic</a> from our " -"friends at the Electronic Frontier Foundation demonstrates how Tor keeps you " -"secure." -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> -msgid "Section 6: Next Steps" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "← <a href=\"index.html\">Return to the guide</a>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Make Email Self-Defense tools even better" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"<a href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">Leave " -"feedback and suggest improvements to this guide</a>. We welcome " -"translations, but we ask that you contact us at <a " -"href=\"mailto:campaigns@fsf.org\">campaigns@fsf.org</a> before you start, so " -"that we can connect you with other translators working in your language." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"If you like programming, you can contribute code to <a " -"href=\"https://www.gnupg.org/\">GnuPG</a> or <a " -"href=\"https://www.enigmail.net/home/index.php\">Enigmail</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"To go the extra mile, support the Free Software Foundation so we can keep " -"improving Email Self-Defense, and make more tools like it." -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"windows.html\" class=\"current\">Windows</a>" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "<em>Step 1.b</em> Get GnuPG by downloading GPG4Win" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"GPG4Win is a software package that includes GnuPG. <a " -"href=\"https://www.gpg4win.org/\">Download</a> and install it, choosing " -"default options whenever asked. After it's installed, you can close any " -"windows that it creates." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"There are major security flaws in versions of GnuPG provided by GPG4Win " -"prior to 3.1.2. Make sure you have GPG4Win 3.1.2 or later." -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li> -msgid "<a href=\"workshops.html\" class=\"current\">Teach your friends</a>" -msgstr "" - -#. type: Content of: <html><body><header><div><ul><li><a> -msgid "" -"<a href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Email " -"encryption for everyone via %40fsf\">Share " -msgstr "" - -#. type: Content of: <html><body><header><div><div><div><p> -msgid "" -"We want to translate this guide into more languages, and make a version for " -"encryption on mobile devices. Please donate, and help people around the " -"world take the first step towards protecting their privacy with free " -"software." -msgstr "" - -#. type: Content of: <html><body><header><div><div><p><a> -msgid "" -"<a id=\"infographic\" " -"href=\"https://emailselfdefense.fsf.org/en/infographic.html\">" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img> -msgid "View & share our infographic →" -msgstr "" - -#. type: Content of: <html><body><header><div><div><p> -msgid "" -"</a> Understanding and setting up email encryption sounds like a daunting " -"task to many people. That's why helping your friends with GnuPG plays such " -"an important role in helping spread encryption. Even if only one person " -"shows up, that's still one more person using encryption who wasn't " -"before. You have the power to help your friends keep their digital love " -"letters private, and teach them about the importance of free software. If " -"you use GnuPG to send and receive encrypted email, you're a perfect " -"candidate for leading a workshop!" -msgstr "" - -#. type: Attribute 'alt' of: <html><body><section><div><div><p><img> -msgid "A small workshop among friends" -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#1</em> Get your friends or community interested" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"If you hear friends grumbling about their lack of privacy, ask them if " -"they're interested in attending a workshop on Email Self-Defense. If your " -"friends don't grumble about privacy, they may need some convincing. You " -"might even hear the classic \"if you've got nothing to hide, you've got " -"nothing to fear\" argument against using encryption." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Here are some talking points you can use to help explain why it's worth it " -"to learn GnuPG. Mix and match whichever you think will make sense to your " -"community:" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Strength in numbers" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Each person who chooses to resist mass surveillance with encryption makes it " -"easier for others to resist as well. People normalizing the use of strong " -"encryption has multiple powerful effects: it means those who need privacy " -"the most, like potential whistle-blowers and activists, are more likely to " -"learn about encryption. More people using encryption for more things also " -"makes it harder for surveillance systems to single out those that can't " -"afford to be found, and shows solidarity with those people." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "People you respect may already be using encryption" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Many journalists, whistleblowers, activists, and researchers use GnuPG, so " -"your friends might unknowingly have heard of a few people who use it " -"already. You can search for \"BEGIN PUBLIC KEY BLOCK\" + keyword to help " -"make a list of people and organizations who use GnuPG whom your community " -"will likely recognize." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Respect your friends' privacy" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"There's no objective way to judge what constitutes privacy-sensitive " -"correspondence. As such, it's better not to presume that just because you " -"find an email you sent to a friend innocuous, your friend (or a surveillance " -"agent, for that matter!) feels the same way. Show your friends respect by " -"encrypting your correspondence with them." -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "Privacy technology is normal in the physical world" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"In the physical realm, we take window blinds, envelopes, and closed doors " -"for granted as ways of protecting our privacy. Why should the digital realm " -"be any different?" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><h3> -msgid "We shouldn't have to trust our email providers with our privacy" -msgstr "" - -#. type: Content of: <html><body><section><div><div><div><p> -msgid "" -"Some email providers are very trustworthy, but many have incentives not to " -"protect your privacy and security. To be empowered digital citizens, we need " -"to build our own security from the bottom up." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#2</em> Plan The Workshop" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Once you've got at least one interested friend, pick a date and start " -"planning out the workshop. Tell participants to bring their computer and ID " -"(for signing each other's keys). If you'd like to make it easy for the " -"participants to use Diceware for choosing passwords, get a pack of dice " -"beforehand. Make sure the location you select has an easily accessible " -"Internet connection, and make backup plans in case the connection stops " -"working on the day of the workshop. Libraries, coffee shops, and community " -"centers make great locations. Try to get all the participants to set up an " -"Enigmail-compatible email client before the event. Direct them to their " -"email provider's IT department or help page if they run into errors." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Estimate that the workshop will take at least forty minutes plus ten minutes " -"for each participant. Plan extra time for questions and technical glitches." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"The success of the workshop requires understanding and catering to the " -"unique backgrounds and needs of each group of participants. Workshops should " -"stay small, so that each participant receives more individualized " -"instruction. If more than a handful of people want to participate, keep the " -"facilitator to participant ratio high by recruiting more facilitators, or by " -"facilitating multiple workshops. Small workshops among friends work great!" -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#3</em> Follow the guide as a group" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Work through the Email Self-Defense guide a step at a time as a group. Talk " -"about the steps in detail, but make sure not to overload the participants " -"with minutia. Pitch the bulk of your instructions to the least tech-savvy " -"participants. Make sure all the participants complete each step before the " -"group moves on to the next one. Consider facilitating secondary workshops " -"afterwards for people that had trouble grasping the concepts, or those that " -"grasped them quickly and want to learn more." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"In <a href=\"index.html#section2\">Section 2</a> of the guide, make sure the " -"participants upload their keys to the same keyserver so that they can " -"immediately download each other's keys later (sometimes there is a delay in " -"synchronization between keyservers). During <a " -"href=\"index.html#section3\">Section 3</a>, give the participants the option " -"to send test messages to each other instead of or as well as " -"Edward. Similarly, in <a href=\"index.html#section4\">Section 4</a>, " -"encourage the participants to sign each other's keys. At the end, make sure " -"to remind people to safely back up their revocation certificates." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#4</em> Explain the pitfalls" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Remind participants that encryption works only when it's explicitly used; " -"they won't be able to send an encrypted email to someone who hasn't already " -"set up encryption. Also remind participants to double-check the encryption " -"icon before hitting send, and that subjects and timestamps are never " -"encrypted." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Explain the <a " -"href=\"https://www.gnu.org/proprietary/proprietary.html\">dangers of running " -"a proprietary system</a> and advocate for free software, because without it, " -"we can't <a " -"href=\"https://www.fsf.org/bulletin/2013/fall/how-can-free-software-protect-us-from-surveillance\">meaningfully " -"resist invasions of our digital privacy and autonomy</a>." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#5</em> Share additional resources" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"GnuPG's advanced options are far too complex to teach in a single " -"workshop. If participants want to know more, point out the advanced " -"subsections in the guide and consider organizing another workshop. You can " -"also share <a " -"href=\"https://www.gnupg.org/documentation/index.html\">GnuPG's</a> and <a " -"href=\"https://www.enigmail.net/index.php/documentation\">Enigmail's</a> " -"official documentation and mailing lists. Many GNU/Linux distribution's Web " -"sites also contain a page explaining some of GnuPG's advanced features." -msgstr "" - -#. type: Content of: <html><body><section><div><div><h2> -msgid "<em>#6</em> Follow up" -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"Make sure everyone has shared email addresses and public key fingerprints " -"before they leave. Encourage the participants to continue to gain GnuPG " -"experience by emailing each other. Send them each an encrypted email one " -"week after the event, reminding them to try adding their public key ID to " -"places where they publicly list their email address." -msgstr "" - -#. type: Content of: <html><body><section><div><div><p> -msgid "" -"If you have any suggestions for improving this workshop guide, please let us " -"know at <a href=\"mailto:campaigns@fsf.org\">campaigns@fsf.org</a>." -msgstr "" diff --git a/ua/.directory b/ua/.directory deleted file mode 100644 index 2a036906..00000000 --- a/ua/.directory +++ /dev/null @@ -1,3 +0,0 @@ -[Dolphin] -Timestamp=2017,11,1,19,56,28 -Version=4 diff --git a/ua/confirmation.html b/ua/confirmation.html deleted file mode 100644 index 20130dc6..00000000 --- a/ua/confirmation.html +++ /dev/null @@ -1,132 +0,0 @@ -<!DOCTYPE html> -<html lang="en"> -<head> -<meta http-equiv="content-type" content="text/html; charset=utf-8" /> -<title>Email Self-Defense - a guide to fighting surveillance with GnuPG -encryption - - - - - - - - - - - - - - - - - - - - - - - diff --git a/ua/emailselfdefense_source.zip b/ua/emailselfdefense_source.zip deleted file mode 100644 index f1fb156c..00000000 Binary files a/ua/emailselfdefense_source.zip and /dev/null differ diff --git a/ua/index.html b/ua/index.html deleted file mode 100644 index 208712cc..00000000 --- a/ua/index.html +++ /dev/null @@ -1,1158 +0,0 @@ - - - - -Email Self-Defense - a guide to fighting surveillance with GnuPG -encryption - - - - - - - - - - - - - -
- - -
- -

#1 Get the pieces

- -

This guide relies on software which is freely licensed; -it's completely transparent and anyone can copy it or make their -own version. This makes it safer from surveillance than proprietary -software (like Windows). Learn more about free software at fsf.org.

- -

Most GNU/Linux operating systems come with GnuPG installed on them, -so you don't have to download it. Before configuring GnuPG though, you'll -need the IceDove desktop email program installed on your computer. Most -GNU/Linux distributions have IceDove installed already, though it may be -under the alternate name "Thunderbird." Email programs are another way to -access the same email accounts you can access in a browser (like Gmail), -but provide extra features.

- -

If you already have an email program, you can skip to Step 1.b.

- -
- - -
-
- -

- -
-
- -

Step 1.a Set up your email program with your email account

- -

Open your email program and follow the wizard (step-by-step walkthrough) -that sets it up with your email account.

- -

Look for the letters SSL, TLS, or STARTTLS to the right of the servers -when you're setting up your account. If you don't see them, you will still -be able to use encryption, but this means that the people running your email -system are running behind the industry standard in protecting your security -and privacy. We recommend that you send them a friendly email asking them -to enable SSL, TLS, or STARTTLS for your email server. They will know what -you're talking about, so it's worth making the request even if you aren't -an expert on these security systems.

- - -
- -

Troubleshooting

- -
-
The wizard doesn't launch
-
You can launch the wizard yourself, but the menu option for doing so is -named differently in each email program. The button to launch it will be in -the program's main menu, under "New" or something similar, titled something -like "Add account" or "New/Existing email account."
- -
The wizard can't find my account or isn't downloading my mail
-
Before searching the Web, we recommend you start by asking other people -who use your email system, to figure out the correct settings.
- - - -
- -
-
-
- - -
-
-
    -
    • -
    • -
    • -
- -
-
- -

Step 1.b Install the Enigmail plugin for your email program

- -

In your email program's menu, select Add-ons (it may be in the Tools -section). Make sure Extensions is selected on the left. Do you see Enigmail? -Make sure it's the latest version. If so, skip this step.

- -

If not, search "Enigmail" with the search bar in the upper right. You -can take it from here. Restart your email program when you're done.

- -

There are major security flaws in versions of GnuPG prior to 2.2.8, and -Enigmail prior to 2.0.7. Make sure you have GnuPG 2.2.8 and Enigmail 2.0.7, -or later versions.

- - -
- -

Troubleshooting

- -
-
I can't find the menu.
-
In many new email programs, the main menu is represented by an image of -three stacked horizontal bars.
- -
My email looks weird
-
Enigmail doesn't tend to play nice with HTML, which is used to format -emails, so it may disable your HTML formatting automatically. To send an -HTML-formatted email without encryption or a signature, hold down the Shift -key when you select compose. You can then write an email as if Enigmail -wasn't there.
- - - -
- -
-
-
-
- - -
- - -
- -

#2 Make your keys

- -

To use the GnuPG system, you'll need a public key and a private key (known -together as a keypair). Each is a long string of randomly generated numbers -and letters that are unique to you. Your public and private keys are linked -together by a special mathematical function.

- -

Your public key isn't like a physical key, because it's stored in the open -in an online directory called a keyserver. People download it and use it, -along with GnuPG, to encrypt emails they send to you. You can think of the -keyserver as a phonebook; people who want to send you encrypted email can -look up your public key.

- -

Your private key is more like a physical key, because you keep it to -yourself (on your computer). You use GnuPG and your private key together to -descramble encrypted emails other people send to you. You should never share your private key with anyone, under any -circumstances.

- -

In addition to encryption and decryption, you can also use these keys to -sign messages and check the authenticity of other people's signatures. We'll -discuss this more in the next section.

- -
- - -
-
- -

- -
-
- -

Step 2.a Make a keypair

- -

The Enigmail Setup wizard may start automatically. If it doesn't, select -Enigmail → Setup Wizard from your email program's menu. You don't need -to read the text in the window that pops up unless you'd like to, but it's -good to read the text on the later screens of the wizard. Click Next with -the default options selected, except in these instances, which are listed -in the order they appear:

- -
    -
  • On the screen titled "Encryption," select "Encrypt all of my messages -by default, because privacy is critical to me."
    • - -
  • On the screen titled "Signing," select "Don't sign my messages by -default."
    • - -
  • On the screen titled "Key Selection," select "I want to create a new -key pair for signing and encrypting my email."
    • - -
  • On the screen titled "Create Key," pick a strong password! You can -do it manually, or you can use the Diceware method. Doing it manually -is faster but not as secure. Using Diceware takes longer and requires -dice, but creates a password that is much harder for attackers to figure -out. To use it, read the section "Make a secure passphrase with Diceware" in -this article by Micah Lee.
    • -
- -

If you'd like to pick a password manually, come up with something -you can remember which is at least twelve characters long, and includes -at least one lower case and upper case letter and at least one number or -punctuation symbol. Never pick a password you've used elsewhere. Don't use -any recognizable patterns, such as birthdays, telephone numbers, pets' names, -song lyrics, quotes from books, and so on.

- -

The program will take a little while to finish the next -step, the "Key Creation" screen. While you wait, do something else with your -computer, like watching a movie or browsing the Web. The more you use the -computer at this point, the faster the key creation will go.

- -

When the "Key Generation Completed" screen -pops up, select Generate Certificate and choose to save it in a safe place on -your computer (we recommend making a folder called "Revocation Certificate" -in your home folder and keeping it there). This step is essential for your -email self-defense, as you'll learn more about in Section -5.

- - -
- -

Troubleshooting

- -
-
I can't find the Enigmail menu.
-
In many new email programs, the main menu is represented by an image -of three stacked horizontal bars. Enigmail may be inside a section called -Tools.
- -
The wizard says that it cannot find GnuPG.
-
Open whatever program you usually use for installing software, and search -for GnuPG, then install it. Then restart the Enigmail setup wizard by going -to Enigmail → Setup Wizard.
- -
More resources
-
If you're having trouble with our -instructions or just want to learn more, check out -Enigmail's wiki instructions for key generation.
- - - -
- -
- - -
- -

Advanced

- -
-
Command line key generation
-
If you prefer using the command line for a higher -degree of control, you can follow the documentation from The GNU Privacy -Handbook. Make sure you stick with "RSA and RSA" (the default), -because it's newer and more secure than the algorithms the documentation -recommends. Also make sure your key is at least 2048 bits, or 4096 if you -want to be extra secure.
- -
Advanced key pairs
-
When GnuPG creates a new keypair, it compartmentalizes -the encryption function from the signing function through subkeys. If you use -subkeys carefully, you can keep your GnuPG identity much more -secure and recover from a compromised key much more quickly. Alex Cabal -and the Debian wiki -provide good guides for setting up a secure subkey configuration.
-
- -
-
-
- - -
-
- -

Step 2.b Upload your public key to a keyserver

- -

In your email program's menu, select Enigmail → Key Management.

- -

Right click on your key and select Upload Public Keys to Keyserver. You -don't have to use the default keyserver. If, after research, you would like -to change to a different default keyserver, you can change that setting -manually in the Enigmail preferences.

- -

Now someone who wants to send you an encrypted message can -download your public key from the Internet. There are multiple keyservers -that you can select from the menu when you upload, but they are all copies -of each other, so it doesn't matter which one you use. However, it sometimes -takes a few hours for them to match each other when a new key is uploaded.

- - -
- -

Troubleshooting

- -
-
The progress bar never finishes
-
Close the upload popup, make sure you are connected to the Internet, -and try again. If that doesn't work, try again, selecting a different -keyserver.
- -
My key doesn't appear in the list
-
Try checking "Display All Keys by Default."
- -
More documentation
-
If you're having trouble with our -instructions or just want to learn more, check out -Enigmail's documentation.
- - - -
- -
- - -
- -

Advanced

- -
-
Uploading a key from the command line
-
You can also upload your keys to a keyserver through the command line. The sks Web site -maintains a list of highly interconnected keyservers. You can also directly export -your key as a file on your computer.
-
- -
-
-
- - -
-
- -

GnuPG, OpenPGP, what?

- -

In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP -are used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the -encryption standard, and GNU Privacy Guard (often shortened to GPG or GnuPG) -is the program that implements the standard. Enigmail is a plug-in program -for your email program that provides an interface for GnuPG.

- -
-
-
- - -
- - -
- -

#3 Try it out!

- -

Now you'll try a test correspondence with a computer program named Edward, -who knows how to use encryption. Except where noted, these are the same -steps you'd follow when corresponding with a real, live person.

- - -
- - -
-
- -

- -
-
- -

Step 3.a Send Edward your public key

- -

This is a special step that you won't have to do when corresponding -with real people. In your email program's menu, go to Enigmail → Key -Management. You should see your key in the list that pops up. Right click -on your key and select Send Public Keys by Email. This will create a new -draft message, as if you had just hit the Write button.

- -

Address the message to edward-en@fsf.org. Put at least one word -(whatever you want) in the subject and body of the email. Don't send yet.

- -

The lock icon in the top left should be yellow, meaning encryption is -turned on. We want this first special message to be unencrypted, so -click the icon once to turn it off. The lock should become grey, with a -blue dot on it (to alert you that the setting has been changed from the -default). Once encryption is off, hit Send.

- -

It may take two or three minutes for Edward to -respond. In the meantime, you might want to skip ahead and check out the Use it Well section of this guide. Once he's responded, -head to the next step. From here on, you'll be doing just the same thing as -when corresponding with a real person.

- -

When you open Edward's reply, GnuPG may prompt you for your password -before using your private key to decrypt it.

- -
-
- - -
-
- -

Step 3.b Send a test encrypted email

- -

Write a new email in your email program, addressed to edward-en@fsf.org. Make the subject -"Encryption test" or something similar and write something in the body.

- -

The lock icon in the top left of the window should be yellow, meaning -encryption is on. This will be your default from now on.

- -

Next to the lock, you'll notice an icon of a pencil. We'll -get to this in a moment.

- -

Click Send. Enigmail will pop up a window that says "Recipients not valid, -not trusted or not found."

- -

To encrypt an email to Edward, you need his public key, so now you'll have -Enigmail download it from a keyserver. Click Download Missing Keys and use -the default in the pop-up that asks you to choose a keyserver. Once it finds -keys, check the first one (Key ID starting with C), then select ok. Select -ok in the next pop-up.

- -

Now you are back at the "Recipients not valid, not trusted or not found" -screen. Check the box in front of Edward's key and click Send.

- -

Since you encrypted this email with Edward's public key, -Edward's private key is required to decrypt it. Edward is the only one with -his private key, so no one except him can decrypt it.

- - -
- -

Troubleshooting

- -
-
Enigmail can't find Edward's key
-
Close the pop-ups that have appeared since you clicked Send. Make sure -you are connected to the Internet and try again. If that doesn't work, repeat -the process, choosing a different keyserver when it asks you to pick one.
- -
Unscrambled messages in the Sent folder
-
Even though you can't decrypt messages encrypted to someone else's key, -your email program will automatically save a copy encrypted to your public key, -which you'll be able to view from the Sent folder like a normal email. This -is normal, and it doesn't mean that your email was not sent encrypted.
- -
More resources
-
If you're still having trouble with our -instructions or just want to learn more, check out -Enigmail's wiki.
- - - -
- -
- - -
- -

Advanced

- -
-
Encrypt messages from the command line
-
You can also encrypt and decrypt messages and files from the command line, -if that's your preference. The option --armor makes the encrypted output -appear in the regular character set.
-
- -
-
-
- - -
-
- -

Important: Security tips

- -

Even if you encrypt your email, the subject line is not encrypted, so -don't put private information there. The sending and receiving addresses -aren't encrypted either, so a surveillance system can still figure out who -you're communicating with. Also, surveillance agents will know that you're -using GnuPG, even if they can't figure out what you're saying. When you -send attachments, Enigmail will give you the choice to encrypt them or not, -independent of the actual email.

- -

For greater security against potential attacks, you can turn off -HTML. Instead, you can render the message body as plain text. In order -to do this in Thunderbird, go to View > Message Body As > Plain -Text.

- -
-
- - -
-
- -

Step 3.c Receive a response

- -

When Edward receives your email, he will use his private key to decrypt -it, then reply to you.

- -

It may take two or three minutes for Edward to -respond. In the meantime, you might want to skip ahead and check out the Use it Well section of this guide.

- -
-
- - -
-
- -

Step 3.d Send a test signed email

- -

GnuPG includes a way for you to sign messages and files, verifying that -they came from you and that they weren't tampered with along the way. These -signatures are stronger than their pen-and-paper cousins -- they're impossible -to forge, because they're impossible to create without your private key -(another reason to keep your private key safe).

- -

You can sign messages to anyone, so it's a great way to make people -aware that you use GnuPG and that they can communicate with you securely. If -they don't have GnuPG, they will be able to read your message and see your -signature. If they do have GnuPG, they'll also be able to verify that your -signature is authentic.

- -

To sign an email to Edward, compose any message to him and click the -pencil icon next to the lock icon so that it turns gold. If you sign a -message, GnuPG may ask you for your password before it sends the message, -because it needs to unlock your private key for signing.

- -

With the lock and pencil icons, you can choose whether each message will -be encrypted, signed, both, or neither.

- -
-
- - -
-
- -

Step 3.e Receive a response

- -

When Edward receives your email, he will use your public key (which -you sent him in Step 3.A) to verify the message -you sent has not been tampered with and to encrypt his reply to you.

- -

It may take two or three minutes for Edward to -respond. In the meantime, you might want to skip ahead and check out the Use it Well section of this guide.

- -

Edward's reply will arrive encrypted, because he prefers to use encryption -whenever possible. If everything goes according to plan, it should say -"Your signature was verified." If your test signed email was also encrypted, -he will mention that first.

- -

When you receive Edward's email and open it, Enigmail will -automatically detect that it is encrypted with your public key, and -then it will use your private key to decrypt it.

- -

Notice the bar that Enigmail shows you above the message, with -information about the status of Edward's key.

- -
-
-
- - -
- - -
- -

#4 Learn the Web of Trust

- -

Email encryption is a powerful technology, but it has a weakness; -it requires a way to verify that a person's public key is actually -theirs. Otherwise, there would be no way to stop an attacker from making -an email address with your friend's name, creating keys to go with it and -impersonating your friend. That's why the free software programmers that -developed email encryption created keysigning and the Web of Trust.

- -

When you sign someone's key, you are publicly saying that you've verified -that it belongs to them and not someone else.

- -

Signing keys and signing messages use the same type of mathematical -operation, but they carry very different implications. It's a good practice -to generally sign your email, but if you casually sign people's keys, you -may accidently end up vouching for the identity of an imposter.

- -

People who use your public key can see who has signed it. Once you've -used GnuPG for a long time, your key may have hundreds of signatures. You -can consider a key to be more trustworthy if it has many signatures from -people that you trust. The Web of Trust is a constellation of GnuPG users, -connected to each other by chains of trust expressed through signatures.

- -
- - -
-
- -

- -
-
- -

Step 4.a Sign a key

- -

In your email program's menu, go to Enigmail → Key Management.

- -

Right click on Edward's public key and select Sign Key from the context -menu.

- -

In the window that pops up, select "I will not answer" and click ok.

- -

Now you should be back at the Key Management menu. Select Keyserver → -Upload Public Keys and hit ok.

- -

You've just effectively said "I trust that Edward's public -key actually belongs to Edward." This doesn't mean much because Edward isn't -a real person, but it's good practice.

- - -
-
- - -
-
- -

Identifying keys: Fingerprints and IDs

- -

People's public keys are usually identified by their key fingerprint, -which is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8 -(for Edward's key). You can see the fingerprint for your public key, and -other public keys saved on your computer, by going to Enigmail → Key -Management in your email program's menu, then right clicking on the key -and choosing Key Properties. It's good practice to share your fingerprint -wherever you share your email address, so that people can double-check that -they have the correct public key when they download yours from a keyserver.

- -

You may also see public keys referred to by a shorter -key ID. This key ID is visible directly from the Key Management -window. These eight character key IDs were previously used for -identification, which used to be safe, but is no longer reliable. You -need to check the full fingerprint as part of verifying you have the -correct key for the person you are trying to contact. Spoofing, in -which someone intentionally generates a key with a fingerprint whose -final eight characters are the same as another, is unfortunately -common.

- -
-
- - -
-
- -

Important: What to consider when signing keys

- -

Before signing a person's key, you need to be confident that it actually -belongs to them, and that they are who they say they are. Ideally, this -confidence comes from having interactions and conversations with them over -time, and witnessing interactions between them and others. Whenever signing -a key, ask to see the full public key fingerprint, and not just the shorter -key ID. If you feel it's important to sign the key of someone you've just -met, also ask them to show you their government identification, and make -sure the name on the ID matches the name on the public key. In Enigmail, -answer honestly in the window that pops up and asks "How carefully have you -verified that the key you are about to sign actually belongs to the person(s) -named above?"

- - -
- -

Advanced

- -
-
Master the Web of Trust
-
Unfortunately, trust does not spread between users the way many people -think. One of best ways to strengthen the GnuPG community is to deeply understand the Web of -Trust and to carefully sign as many people's keys as circumstances permit.
- -
Set ownertrust
-
If you trust someone enough to validate other people's keys, you can assign -them an ownertrust level through Enigmails's key management window. Right -click on the other person's key, go to the "Select Owner Trust" menu option, -select the trustlevel and click OK. Only do this once you feel you have a -deep understanding of the Web of Trust.
-
- -
-
-
-
- - -
- - -
- -

#5 Use it well

- -

Everyone uses GnuPG a little differently, but it's important to follow -some basic practices to keep your email secure. Not following them, you -risk the privacy of the people you communicate with, as well as your own, -and damage the Web of Trust.

- -
- - -
-
- -

- -
-
- -

When should I encrypt? When should I sign?

- -

The more you can encrypt your messages, the better. If you only encrypt -emails occasionally, each encrypted message could raise a red flag for -surveillance systems. If all or most of your email is encrypted, people -doing surveillance won't know where to start. That's not to say that only -encrypting some of your email isn't helpful -- it's a great start and it -makes bulk surveillance more difficult.

- -

Unless you don't want to reveal your own identity (which requires other -protective measures), there's no reason not to sign every message, whether or -not you are encrypting. In addition to allowing those with GnuPG to verify -that the message came from you, signing is a non-intrusive way to remind -everyone that you use GnuPG and show support for secure communication. If you -often send signed messages to people that aren't familiar with GnuPG, it's -nice to also include a link to this guide in your standard email signature -(the text kind, not the cryptographic kind).

- -
-
- - -
-
- -

- -
-
- -

Be wary of invalid keys

- -

GnuPG makes email safer, but it's still important to watch out for invalid -keys, which might have fallen into the wrong hands. Email encrypted with -invalid keys might be readable by surveillance programs.

- -

In your email program, go back to the first encrypted email that Edward -sent you. Because Edward encrypted it with your public key, it will have a -message from Enigmail at the top, which most likely says "Enigmail: Part of -this message encrypted."

- -

When using GnuPG, make a habit of glancing at that bar. The program -will warn you there if you get an email signed with a key that can't -be trusted.

- -
-
- - -
-
- -

Copy your revocation certificate to somewhere safe

- -

Remember when you created your keys and saved the revocation certificate -that GnuPG made? It's time to copy that certificate onto the safest digital -storage that you have -- the ideal thing is a flash drive, disk, or hard -drive stored in a safe place in your home, not on a device you carry with -you regularly.

- -

If your private key ever gets lost or stolen, you'll need this certificate -file to let people know that you are no longer using that keypair.

- -
-
- - -
-
- -

Important: act swiftly if someone gets your private key

- -

If you lose your private key or someone else gets ahold -of it (say, by stealing or cracking your computer), it's -important to revoke it immediately before someone else uses -it to read your encrypted email or forge your signature. This -guide doesn't cover how to revoke a key, but you can follow these instructions. -After you're done revoking, make a new key and send an email to everyone -with whom you usually use your key to make sure they know, including a copy -of your new key.

- -
-
- - - - - -
-
- -

Webmail and GnuPG

- -

When you use a web browser to access your email, you're using webmail, -an email program stored on a distant website. Unlike webmail, your desktop -email program runs on your own computer. Although webmail can't decrypt -encrypted email, it will still display it in its encrypted form. If you -primarily use webmail, you'll know to open your email client when you receive -a scrambled email.

- -
-
- - -
- - -
- -
- - - - - - - - - - - - - - - - diff --git a/ua/infographic.html b/ua/infographic.html deleted file mode 100644 index 77f937b4..00000000 --- a/ua/infographic.html +++ /dev/null @@ -1,129 +0,0 @@ - - - - -Email Self-Defense - a guide to fighting surveillance with GnuPG -encryption - - - - - - - - - - - - - - - - - - - - - - - diff --git a/ua/kitchen/assemble-all-pages b/ua/kitchen/assemble-all-pages deleted file mode 100755 index 1862e28f..00000000 --- a/ua/kitchen/assemble-all-pages +++ /dev/null @@ -1,115 +0,0 @@ -#!/bin/bash - -## assemble-all-pages -- generate a set of HTML pages with variable parts -# for emailselfdefense.fsf.org - -## Synopsis: assemble-all-pages - -## Description - -# Each page is built from a template and one or several includes, as usual; -# in addition, several versions of a page can be built from a single -# template which contains all the variable parts, by deleting irrelevant -# text. - -# The templates have inclusion markers (similar to SSI directives, except -# for the lack of "#") to indicate where the constant parts are to be -# inserted, and deletion markers to identify the borders of each deletion -# and indicate which page(s) the text between those borders belongs to. - -# The script processes all the templates in the working directory and the -# pages are created in the parent directory. - -# Ideally, any modifications should be done to the templates or includes, -# not to the final pages. - -# Templates: confirmation.t.html -# index.t.html (contains variable parts for mac and windows) -# infographic.t.html -# next_steps.t.html - -# Includes: footer.html -# head.html -# javascript.html -# translist.html - -## Graphic-user-interface howto - -# - Place the script in the same directory as the templates. -# - Display this directory in the file browser (do not just unfold the parent -# directory) and double-click on the script. - -# And if anything goes wrong, you can do a git reset, right? ;-) - -# =========================================================================== - -set -e -set -o pipefail - -function close_term () { - exit $1 -} - -# Create temporary files. -names=$(mktemp -t aap.XXXXXX) || close_term 1 -list=$(mktemp -t aap.XXXXXX) || close_term 1 -before=$(mktemp -t aap.XXXXXX) || close_term 1 -after=$(mktemp -t aap.XXXXXX) || close_term 1 -trap 'rm -f "$names" "$list" "$before" "$after"' EXIT - -# List all the templates in the working directory. -if ls *.t.html > $names 2>/dev/null; then - sed -i 's,\.t\.html$,,' $names -else - echo "*** There is no template in this directory." && close_term 1 -fi - -## Add the includes to the templates. - -while read name; do - # Make sure there is a blank line before the first include, otherwise - # it will not be added properly. - sed '1i\\n' $name.t.html > ../$name.html - # List the includes. - grep '^ - - - -${diff_file##*\/} - -
-EOF
-
-# Run wdiff with options to add the proper markup at the beginning and end of
-# deletions and insertions.
-wdiff --start-delete '' \
-      --end-delete '' \
-      --start-insert '' \
-      --end-insert '' \
-      ${f[0]} ${f[1]} >> $diff_file || true
-
-# Add the closing tags.
-echo '
' >> ${diff_file} - -echo -e "\n The diff file is $diff_file." -close_term 0 diff --git a/ua/kitchen/confirmation.t.html b/ua/kitchen/confirmation.t.html deleted file mode 100644 index 4b854bd3..00000000 --- a/ua/kitchen/confirmation.t.html +++ /dev/null @@ -1,43 +0,0 @@ - - - - - - - diff --git a/ua/kitchen/footer.html b/ua/kitchen/footer.html deleted file mode 100644 index b6f0afb6..00000000 --- a/ua/kitchen/footer.html +++ /dev/null @@ -1,52 +0,0 @@ - - - diff --git a/ua/kitchen/head.html b/ua/kitchen/head.html deleted file mode 100644 index 9bf94dd3..00000000 --- a/ua/kitchen/head.html +++ /dev/null @@ -1,18 +0,0 @@ - - - - -Email Self-Defense - a guide to fighting surveillance with GnuPG -encryption - - - - - - - - diff --git a/ua/kitchen/index.t.html b/ua/kitchen/index.t.html deleted file mode 100644 index b64c586c..00000000 --- a/ua/kitchen/index.t.html +++ /dev/null @@ -1,1152 +0,0 @@ - - - - - - -
- - -
- -

#1 Get the pieces

- - -

This guide relies on software which is freely licensed; -it's completely transparent and anyone can copy it or make their -own version. This makes it safer from surveillance than proprietary -software (like Windows). Learn more about free software at fsf.org.

- -

Most GNU/Linux operating systems come with GnuPG installed on them, -so you don't have to download it. Before configuring GnuPG though, you'll -need the IceDove desktop email program installed on your computer. Most -GNU/Linux distributions have IceDove installed already, though it may be -under the alternate name "Thunderbird." Email programs are another way to -access the same email accounts you can access in a browser (like Gmail), -but provide extra features.

- - -

This guide relies on software which is freely licensed; it's -completely transparent and anyone can copy it or make their own version. This -makes it safer from surveillance than proprietary software (like Windows or Mac -OS). To defend your freedom as well as protect yourself from surveillance, we -recommend you switch to a free software operating system like GNU/Linux. Learn -more about free software at fsf.org.

- -

To get started, you'll need the IceDove desktop email program installed -on your computer. For your system, IceDove may be known by the alternate name -"Thunderbird." Email programs are another way to access the same email accounts -you can access in a browser (like Gmail), but provide extra features.

- - -

If you already have an email program, you can skip to Step 1.b.

- -
- - -
-
- -

- -
-
- -

Step 1.a Set up your email program with your email account

- -

Open your email program and follow the wizard (step-by-step walkthrough) -that sets it up with your email account.

- -

Look for the letters SSL, TLS, or STARTTLS to the right of the servers -when you're setting up your account. If you don't see them, you will still -be able to use encryption, but this means that the people running your email -system are running behind the industry standard in protecting your security -and privacy. We recommend that you send them a friendly email asking them -to enable SSL, TLS, or STARTTLS for your email server. They will know what -you're talking about, so it's worth making the request even if you aren't -an expert on these security systems.

- - -
- -

Troubleshooting

- -
-
The wizard doesn't launch
-
You can launch the wizard yourself, but the menu option for doing so is -named differently in each email program. The button to launch it will be in -the program's main menu, under "New" or something similar, titled something -like "Add account" or "New/Existing email account."
- -
The wizard can't find my account or isn't downloading my mail
-
Before searching the Web, we recommend you start by asking other people -who use your email system, to figure out the correct settings.
- - - -
- -
-
-
- - - -
-
- -

Step 1.b Get GnuPG by downloading GPGTools

- -

GPGTools is a software package that includes GnuPG. Download and install it, choosing -default options whenever asked. After it's installed, you can close any -windows that it creates.

- -

There are major security flaws in versions of GnuPG provided by GPGTools -prior to 2018.3. Make sure you have GPGTools 2018.3 or later.

- -
-
- - - -
-
- -

Step 1.b Get GnuPG by downloading GPG4Win

- -

GPG4Win is a software package that includes GnuPG. Download and install it, choosing default -options whenever asked. After it's installed, you can close any windows that -it creates.

- -

There are major security flaws in versions of GnuPG provided by GPG4Win -prior to 3.1.2. Make sure you have GPG4Win 3.1.2 or later.

- -
-
- - - -
-
-
    -
    • -
    • -
    • -
- -
-
- -

Step 1.b Install the Enigmail plugin for your email program

- -

In your email program's menu, select Add-ons (it may be in the Tools -section). Make sure Extensions is selected on the left. Do you see Enigmail? -Make sure it's the latest version. If so, skip this step.

- -

If not, search "Enigmail" with the search bar in the upper right. You -can take it from here. Restart your email program when you're done.

- -

There are major security flaws in versions of GnuPG prior to 2.2.8, and -Enigmail prior to 2.0.7. Make sure you have GnuPG 2.2.8 and Enigmail 2.0.7, -or later versions.

- - - - - -
-
-
    -
    • -
    • -
    • -
- -
-
- -

Step 1.c Install the Enigmail plugin for your email program

- -

In your email program's menu, select Add-ons (it may be in the Tools -section). Make sure Extensions is selected on the left. Do you see Enigmail? -Make sure it's the latest version. If so, skip this step.

- -

If not, search "Enigmail" with the search bar in the upper right. You -can take it from here. Restart your email program when you're done.

- -

There are major security flaws in Enigmail prior to version 2.0.7. Make -sure you have Enigmail 2.0.7 or later.

- - - -
- -

Troubleshooting

- -
-
I can't find the menu.
-
In many new email programs, the main menu is represented by an image of -three stacked horizontal bars.
- -
My email looks weird
-
Enigmail doesn't tend to play nice with HTML, which is used to format -emails, so it may disable your HTML formatting automatically. To send an -HTML-formatted email without encryption or a signature, hold down the Shift -key when you select compose. You can then write an email as if Enigmail -wasn't there.
- - - -
- -
-
-
-
- - -
- - -
- -

#2 Make your keys

- -

To use the GnuPG system, you'll need a public key and a private key (known -together as a keypair). Each is a long string of randomly generated numbers -and letters that are unique to you. Your public and private keys are linked -together by a special mathematical function.

- -

Your public key isn't like a physical key, because it's stored in the open -in an online directory called a keyserver. People download it and use it, -along with GnuPG, to encrypt emails they send to you. You can think of the -keyserver as a phonebook; people who want to send you encrypted email can -look up your public key.

- -

Your private key is more like a physical key, because you keep it to -yourself (on your computer). You use GnuPG and your private key together to -descramble encrypted emails other people send to you. You should never share your private key with anyone, under any -circumstances.

- -

In addition to encryption and decryption, you can also use these keys to -sign messages and check the authenticity of other people's signatures. We'll -discuss this more in the next section.

- -
- - -
-
- -

- -
-
- -

Step 2.a Make a keypair

- -

The Enigmail Setup wizard may start automatically. If it doesn't, select -Enigmail → Setup Wizard from your email program's menu. You don't need -to read the text in the window that pops up unless you'd like to, but it's -good to read the text on the later screens of the wizard. Click Next with -the default options selected, except in these instances, which are listed -in the order they appear:

- -
    -
  • On the screen titled "Encryption," select "Encrypt all of my messages -by default, because privacy is critical to me."
    • - -
  • On the screen titled "Signing," select "Don't sign my messages by -default."
    • - -
  • On the screen titled "Key Selection," select "I want to create a new -key pair for signing and encrypting my email."
    • - -
  • On the screen titled "Create Key," pick a strong password! You can -do it manually, or you can use the Diceware method. Doing it manually -is faster but not as secure. Using Diceware takes longer and requires -dice, but creates a password that is much harder for attackers to figure -out. To use it, read the section "Make a secure passphrase with Diceware" in -this article by Micah Lee.
    • -
- -

If you'd like to pick a password manually, come up with something -you can remember which is at least twelve characters long, and includes -at least one lower case and upper case letter and at least one number or -punctuation symbol. Never pick a password you've used elsewhere. Don't use -any recognizable patterns, such as birthdays, telephone numbers, pets' names, -song lyrics, quotes from books, and so on.

- -

The program will take a little while to finish the next -step, the "Key Creation" screen. While you wait, do something else with your -computer, like watching a movie or browsing the Web. The more you use the -computer at this point, the faster the key creation will go.

- -

When the "Key Generation Completed" screen -pops up, select Generate Certificate and choose to save it in a safe place on -your computer (we recommend making a folder called "Revocation Certificate" -in your home folder and keeping it there). This step is essential for your -email self-defense, as you'll learn more about in Section -5.

- - -
- -

Troubleshooting

- -
-
I can't find the Enigmail menu.
-
In many new email programs, the main menu is represented by an image -of three stacked horizontal bars. Enigmail may be inside a section called -Tools.
- - -
The wizard says that it cannot find GnuPG.
-
Open whatever program you usually use for installing software, and search -for GnuPG, then install it. Then restart the Enigmail setup wizard by going -to Enigmail → Setup Wizard.
- - -
More resources
-
If you're having trouble with our -instructions or just want to learn more, check out -Enigmail's wiki instructions for key generation.
- - - -
- -
- - -
- -

Advanced

- -
-
Command line key generation
-
If you prefer using the command line for a higher -degree of control, you can follow the documentation from The GNU Privacy -Handbook. Make sure you stick with "RSA and RSA" (the default), -because it's newer and more secure than the algorithms the documentation -recommends. Also make sure your key is at least 2048 bits, or 4096 if you -want to be extra secure.
- -
Advanced key pairs
-
When GnuPG creates a new keypair, it compartmentalizes -the encryption function from the signing function through subkeys. If you use -subkeys carefully, you can keep your GnuPG identity much more -secure and recover from a compromised key much more quickly. Alex Cabal -and the Debian wiki -provide good guides for setting up a secure subkey configuration.
-
- -
-
-
- - -
-
- -

Step 2.b Upload your public key to a keyserver

- -

In your email program's menu, select Enigmail → Key Management.

- -

Right click on your key and select Upload Public Keys to Keyserver. You -don't have to use the default keyserver. If, after research, you would like -to change to a different default keyserver, you can change that setting -manually in the Enigmail preferences.

- -

Now someone who wants to send you an encrypted message can -download your public key from the Internet. There are multiple keyservers -that you can select from the menu when you upload, but they are all copies -of each other, so it doesn't matter which one you use. However, it sometimes -takes a few hours for them to match each other when a new key is uploaded.

- - -
- -

Troubleshooting

- -
-
The progress bar never finishes
-
Close the upload popup, make sure you are connected to the Internet, -and try again. If that doesn't work, try again, selecting a different -keyserver.
- -
My key doesn't appear in the list
-
Try checking "Display All Keys by Default."
- -
More documentation
-
If you're having trouble with our -instructions or just want to learn more, check out -Enigmail's documentation.
- - - -
- -
- - -
- -

Advanced

- -
-
Uploading a key from the command line
-
You can also upload your keys to a keyserver through the command line. The sks Web site -maintains a list of highly interconnected keyservers. You can also directly export -your key as a file on your computer.
-
- -
-
-
- - -
-
- -

GnuPG, OpenPGP, what?

- -

In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP -are used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the -encryption standard, and GNU Privacy Guard (often shortened to GPG or GnuPG) -is the program that implements the standard. Enigmail is a plug-in program -for your email program that provides an interface for GnuPG.

- -
-
-
- - -
- - -
- -

#3 Try it out!

- -

Now you'll try a test correspondence with a computer program named Edward, -who knows how to use encryption. Except where noted, these are the same -steps you'd follow when corresponding with a real, live person.

- - -
- - -
-
- -

- -
-
- -

Step 3.a Send Edward your public key

- -

This is a special step that you won't have to do when corresponding -with real people. In your email program's menu, go to Enigmail → Key -Management. You should see your key in the list that pops up. Right click -on your key and select Send Public Keys by Email. This will create a new -draft message, as if you had just hit the Write button.

- -

Address the message to edward-en@fsf.org. Put at least one word -(whatever you want) in the subject and body of the email. Don't send yet.

- -

The lock icon in the top left should be yellow, meaning encryption is -turned on. We want this first special message to be unencrypted, so -click the icon once to turn it off. The lock should become grey, with a -blue dot on it (to alert you that the setting has been changed from the -default). Once encryption is off, hit Send.

- -

It may take two or three minutes for Edward to -respond. In the meantime, you might want to skip ahead and check out the Use it Well section of this guide. Once he's responded, -head to the next step. From here on, you'll be doing just the same thing as -when corresponding with a real person.

- -

When you open Edward's reply, GnuPG may prompt you for your password -before using your private key to decrypt it.

- -
-
- - -
-
- -

Step 3.b Send a test encrypted email

- -

Write a new email in your email program, addressed to edward-en@fsf.org. Make the subject -"Encryption test" or something similar and write something in the body.

- -

The lock icon in the top left of the window should be yellow, meaning -encryption is on. This will be your default from now on.

- -

Next to the lock, you'll notice an icon of a pencil. We'll -get to this in a moment.

- -

Click Send. Enigmail will pop up a window that says "Recipients not valid, -not trusted or not found."

- -

To encrypt an email to Edward, you need his public key, so now you'll have -Enigmail download it from a keyserver. Click Download Missing Keys and use -the default in the pop-up that asks you to choose a keyserver. Once it finds -keys, check the first one (Key ID starting with C), then select ok. Select -ok in the next pop-up.

- -

Now you are back at the "Recipients not valid, not trusted or not found" -screen. Check the box in front of Edward's key and click Send.

- -

Since you encrypted this email with Edward's public key, -Edward's private key is required to decrypt it. Edward is the only one with -his private key, so no one except him can decrypt it.

- - -
- -

Troubleshooting

- -
-
Enigmail can't find Edward's key
-
Close the pop-ups that have appeared since you clicked Send. Make sure -you are connected to the Internet and try again. If that doesn't work, repeat -the process, choosing a different keyserver when it asks you to pick one.
- -
Unscrambled messages in the Sent folder
-
Even though you can't decrypt messages encrypted to someone else's key, -your email program will automatically save a copy encrypted to your public key, -which you'll be able to view from the Sent folder like a normal email. This -is normal, and it doesn't mean that your email was not sent encrypted.
- -
More resources
-
If you're still having trouble with our -instructions or just want to learn more, check out -Enigmail's wiki.
- - - -
- -
- - -
- -

Advanced

- -
-
Encrypt messages from the command line
-
You can also encrypt and decrypt messages and files from the command line, -if that's your preference. The option --armor makes the encrypted output -appear in the regular character set.
-
- -
-
-
- - -
-
- -

Important: Security tips

- -

Even if you encrypt your email, the subject line is not encrypted, so -don't put private information there. The sending and receiving addresses -aren't encrypted either, so a surveillance system can still figure out who -you're communicating with. Also, surveillance agents will know that you're -using GnuPG, even if they can't figure out what you're saying. When you -send attachments, Enigmail will give you the choice to encrypt them or not, -independent of the actual email.

- - -

For greater security against potential attacks, you can turn off -HTML. Instead, you can render the message body as plain text. In order -to do this in Thunderbird, go to View > Message Body As > Plain -Text.

- - -

For greater security against potential attacks, you can turn off -HTML. Instead, you can render the message body as plain text.

- - -
-
- - -
-
- -

Step 3.c Receive a response

- -

When Edward receives your email, he will use his private key to decrypt -it, then reply to you.

- -

It may take two or three minutes for Edward to -respond. In the meantime, you might want to skip ahead and check out the Use it Well section of this guide.

- -
-
- - -
-
- -

Step 3.d Send a test signed email

- -

GnuPG includes a way for you to sign messages and files, verifying that -they came from you and that they weren't tampered with along the way. These -signatures are stronger than their pen-and-paper cousins -- they're impossible -to forge, because they're impossible to create without your private key -(another reason to keep your private key safe).

- -

You can sign messages to anyone, so it's a great way to make people -aware that you use GnuPG and that they can communicate with you securely. If -they don't have GnuPG, they will be able to read your message and see your -signature. If they do have GnuPG, they'll also be able to verify that your -signature is authentic.

- -

To sign an email to Edward, compose any message to him and click the -pencil icon next to the lock icon so that it turns gold. If you sign a -message, GnuPG may ask you for your password before it sends the message, -because it needs to unlock your private key for signing.

- -

With the lock and pencil icons, you can choose whether each message will -be encrypted, signed, both, or neither.

- -
-
- - -
-
- -

Step 3.e Receive a response

- -

When Edward receives your email, he will use your public key (which -you sent him in Step 3.A) to verify the message -you sent has not been tampered with and to encrypt his reply to you.

- -

It may take two or three minutes for Edward to -respond. In the meantime, you might want to skip ahead and check out the Use it Well section of this guide.

- -

Edward's reply will arrive encrypted, because he prefers to use encryption -whenever possible. If everything goes according to plan, it should say -"Your signature was verified." If your test signed email was also encrypted, -he will mention that first.

- -

When you receive Edward's email and open it, Enigmail will -automatically detect that it is encrypted with your public key, and -then it will use your private key to decrypt it.

- -

Notice the bar that Enigmail shows you above the message, with -information about the status of Edward's key.

- -
-
-
- - -
- - -
- -

#4 Learn the Web of Trust

- -

Email encryption is a powerful technology, but it has a weakness; -it requires a way to verify that a person's public key is actually -theirs. Otherwise, there would be no way to stop an attacker from making -an email address with your friend's name, creating keys to go with it and -impersonating your friend. That's why the free software programmers that -developed email encryption created keysigning and the Web of Trust.

- -

When you sign someone's key, you are publicly saying that you've verified -that it belongs to them and not someone else.

- -

Signing keys and signing messages use the same type of mathematical -operation, but they carry very different implications. It's a good practice -to generally sign your email, but if you casually sign people's keys, you -may accidently end up vouching for the identity of an imposter.

- -

People who use your public key can see who has signed it. Once you've -used GnuPG for a long time, your key may have hundreds of signatures. You -can consider a key to be more trustworthy if it has many signatures from -people that you trust. The Web of Trust is a constellation of GnuPG users, -connected to each other by chains of trust expressed through signatures.

- -
- - -
-
- -

- -
-
- -

Step 4.a Sign a key

- -

In your email program's menu, go to Enigmail → Key Management.

- -

Right click on Edward's public key and select Sign Key from the context -menu.

- -

In the window that pops up, select "I will not answer" and click ok.

- -

Now you should be back at the Key Management menu. Select Keyserver → -Upload Public Keys and hit ok.

- -

You've just effectively said "I trust that Edward's public -key actually belongs to Edward." This doesn't mean much because Edward isn't -a real person, but it's good practice.

- - -
-
- - -
-
- -

Identifying keys: Fingerprints and IDs

- -

People's public keys are usually identified by their key fingerprint, -which is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8 -(for Edward's key). You can see the fingerprint for your public key, and -other public keys saved on your computer, by going to Enigmail → Key -Management in your email program's menu, then right clicking on the key -and choosing Key Properties. It's good practice to share your fingerprint -wherever you share your email address, so that people can double-check that -they have the correct public key when they download yours from a keyserver.

- -

You may also see public keys referred to by a shorter -key ID. This key ID is visible directly from the Key Management -window. These eight character key IDs were previously used for -identification, which used to be safe, but is no longer reliable. You -need to check the full fingerprint as part of verifying you have the -correct key for the person you are trying to contact. Spoofing, in -which someone intentionally generates a key with a fingerprint whose -final eight characters are the same as another, is unfortunately -common.

- -
-
- - -
-
- -

Important: What to consider when signing keys

- -

Before signing a person's key, you need to be confident that it actually -belongs to them, and that they are who they say they are. Ideally, this -confidence comes from having interactions and conversations with them over -time, and witnessing interactions between them and others. Whenever signing -a key, ask to see the full public key fingerprint, and not just the shorter -key ID. If you feel it's important to sign the key of someone you've just -met, also ask them to show you their government identification, and make -sure the name on the ID matches the name on the public key. In Enigmail, -answer honestly in the window that pops up and asks "How carefully have you -verified that the key you are about to sign actually belongs to the person(s) -named above?"

- - -
- -

Advanced

- -
-
Master the Web of Trust
-
Unfortunately, trust does not spread between users the way many people -think. One of best ways to strengthen the GnuPG community is to deeply understand the Web of -Trust and to carefully sign as many people's keys as circumstances permit.
- -
Set ownertrust
-
If you trust someone enough to validate other people's keys, you can assign -them an ownertrust level through Enigmails's key management window. Right -click on the other person's key, go to the "Select Owner Trust" menu option, -select the trustlevel and click OK. Only do this once you feel you have a -deep understanding of the Web of Trust.
-
- -
-
-
-
- - -
- - -
- -

#5 Use it well

- -

Everyone uses GnuPG a little differently, but it's important to follow -some basic practices to keep your email secure. Not following them, you -risk the privacy of the people you communicate with, as well as your own, -and damage the Web of Trust.

- -
- - -
-
- -

- -
-
- -

When should I encrypt? When should I sign?

- -

The more you can encrypt your messages, the better. If you only encrypt -emails occasionally, each encrypted message could raise a red flag for -surveillance systems. If all or most of your email is encrypted, people -doing surveillance won't know where to start. That's not to say that only -encrypting some of your email isn't helpful -- it's a great start and it -makes bulk surveillance more difficult.

- -

Unless you don't want to reveal your own identity (which requires other -protective measures), there's no reason not to sign every message, whether or -not you are encrypting. In addition to allowing those with GnuPG to verify -that the message came from you, signing is a non-intrusive way to remind -everyone that you use GnuPG and show support for secure communication. If you -often send signed messages to people that aren't familiar with GnuPG, it's -nice to also include a link to this guide in your standard email signature -(the text kind, not the cryptographic kind).

- -
-
- - -
-
- -

- -
-
- -

Be wary of invalid keys

- -

GnuPG makes email safer, but it's still important to watch out for invalid -keys, which might have fallen into the wrong hands. Email encrypted with -invalid keys might be readable by surveillance programs.

- -

In your email program, go back to the first encrypted email that Edward -sent you. Because Edward encrypted it with your public key, it will have a -message from Enigmail at the top, which most likely says "Enigmail: Part of -this message encrypted."

- -

When using GnuPG, make a habit of glancing at that bar. The program -will warn you there if you get an email signed with a key that can't -be trusted.

- -
-
- - -
-
- -

Copy your revocation certificate to somewhere safe

- -

Remember when you created your keys and saved the revocation certificate -that GnuPG made? It's time to copy that certificate onto the safest digital -storage that you have -- the ideal thing is a flash drive, disk, or hard -drive stored in a safe place in your home, not on a device you carry with -you regularly.

- -

If your private key ever gets lost or stolen, you'll need this certificate -file to let people know that you are no longer using that keypair.

- -
-
- - -
-
- -

Important: act swiftly if someone gets your private key

- -

If you lose your private key or someone else gets ahold -of it (say, by stealing or cracking your computer), it's -important to revoke it immediately before someone else uses -it to read your encrypted email or forge your signature. This -guide doesn't cover how to revoke a key, but you can follow these instructions. -After you're done revoking, make a new key and send an email to everyone -with whom you usually use your key to make sure they know, including a copy -of your new key.

- -
-
- - - - - -
-
- -

Webmail and GnuPG

- -

When you use a web browser to access your email, you're using webmail, -an email program stored on a distant website. Unlike webmail, your desktop -email program runs on your own computer. Although webmail can't decrypt -encrypted email, it will still display it in its encrypted form. If you -primarily use webmail, you'll know to open your email client when you receive -a scrambled email.

- -
-
- - -
- - -
- -
- - - - - - - diff --git a/ua/kitchen/infographic.t.html b/ua/kitchen/infographic.t.html deleted file mode 100644 index 8929d0cd..00000000 --- a/ua/kitchen/infographic.t.html +++ /dev/null @@ -1,40 +0,0 @@ - - - - - - - diff --git a/ua/kitchen/javascript.html b/ua/kitchen/javascript.html deleted file mode 100644 index ed1475b3..00000000 --- a/ua/kitchen/javascript.html +++ /dev/null @@ -1,22 +0,0 @@ - - - - - - - - diff --git a/ua/kitchen/next_steps.t.html b/ua/kitchen/next_steps.t.html deleted file mode 100644 index e500e9a0..00000000 --- a/ua/kitchen/next_steps.t.html +++ /dev/null @@ -1,247 +0,0 @@ - - - - - - -
- - -
- -

#6 Next steps

- -

You've now completed the basics of email encryption with GnuPG, taking -action against bulk surveillance. These next steps will help make the most -of the work you've done.

- -
- - -
-
- -

- -
-
- -

Join the movement

- -

You've just taken a huge step towards protecting your privacy online. But -each of us acting alone isn't enough. To topple bulk surveillance, we need -to build a movement for the autonomy and freedom of all computer users. Join -the Free Software Foundation's community to meet like-minded people and work -together for change.

- -

- GNU Social  |  - - Mastodon  |  -Twitter

- -

Read why GNU Social and Mastodon -are better than Twitter, and why -we don't use Facebook.

- -
- -
-
- - -
-
- -

Bring Email Self-Defense to new people

- -

Understanding and setting up email encryption is a daunting task for -many. To welcome them, make it easy to find your public key and offer to -help with encryption. Here are some suggestions:

- -
    -
  • Lead an Email Self-Defense workshop for your friends and community, -using our teaching guide.
    • - -
  • Use our sharing page to compose -a message to a few friends and ask them to join you in using encrypted -email. Remember to include your GnuPG public key fingerprint so they can -easily download your key.
    • - -
  • Add your public key fingerprint anywhere that you normally display -your email address. Some good places are: your email signature (the text -kind, not the cryptographic kind), social media profiles, blogs, Websites, -or business cards. At the Free Software Foundation, we put ours on our staff page.
    • -
- -
-
- - -
-
- -

Protect more of your digital life

- -

Learn surveillance-resistant technologies for instant -messages, hard drive storage, online sharing, and more at -the Free Software Directory's Privacy Pack and prism-break.org.

- -

If you are using Windows, Mac OS or any other proprietary operating -system, we recommend you switch to a free software operating system like -GNU/Linux. This will make it much harder for attackers to enter your computer -through hidden back doors. Check out the Free Software Foundation's endorsed versions of -GNU/Linux.

- -
-
- - -
-
- -

Optional: Add more email protection with Tor

- -

The Onion Router -(Tor) network wraps Internet communication in multiple layers of encryption -and bounces it around the world several times. When used properly, Tor confuses -surveillance field agents and the global surveillance apparatus alike. Using -it simultaneously with GnuPG's encryption will give you the best results.

- -

To have your email program send and receive email over Tor, install the Torbirdy -plugin the same way you installed Enigmail, by searching for it through -Add-ons.

- -

Before beginning to check your email over Tor, make sure you understand -the security tradeoffs involved. This infographic from our -friends at the Electronic Frontier Foundation demonstrates how Tor keeps -you secure.

- -
-
- - -
-
- -


- -

Return -to the guide

- -
-
- -

Make Email Self-Defense tools even better

- -

Leave -feedback and suggest improvements to this guide. We -welcome translations, but we ask that you contact us at campaigns@fsf.org before you start, -so that we can connect you with other translators working in your language.

- -

If you like programming, you can contribute code -to GnuPG or Enigmail.

- -

To go the extra mile, support the Free Software Foundation so we can keep -improving Email Self-Defense, and make more tools like it.

- -

- -
-
-
- - - -
- - - - - - - diff --git a/ua/kitchen/reformat-html.1 b/ua/kitchen/reformat-html.1 deleted file mode 100755 index 5a307af4..00000000 --- a/ua/kitchen/reformat-html.1 +++ /dev/null @@ -1,139 +0,0 @@ -#!/bin/bash - -# NAME -# reformat-html - reformat HTML files from emailselfdefense.fsf.org - -# SYNOPSIS -# reformat-html /PATH/TO/NAME.html - -# GRAPHIC INTERFACE HOWTO -# * Launch the script by double-clicking on it; a terminal will open. -# * At the prompt, drag and drop the input file into the terminal. -# -# Alternatively (in Gnome, KDE, XFCE, etc.) -# * create a launcher for the application menu; -# * launch the script from the contextual menu of the HTML file. -# -# The reformatted file is created in the directory where the input file -# resides, and its name is NAME-r.html. - -#============================================================================== - -set -e - -# Test whether the script is called from color-wdiff -p=$(pidof -x color-wdiff) || true -test "$p" == "$PPID" && called_from_color_wdiff=1 - -function sleep_or_exit () { -# turns off interactivity and lets the terminal close normally if the script -# is called from color-wdiff. - -if test "$called_from_color_wdiff" == "1"; then - exit $1 -else - if test "$1" == "1"; then - echo -e 1>&2 "\n!!! $input doesn't exist or is not HTML." - sleep 3 - fi - exit $1 -fi -} - -# Get a valid HTML as input. -input=$1 -if test ! -f "$input" -o ! -s "$input"; then - echo -e "\n*** reformat-html - Please enter the HTML file." - read input - input=${input%\'}; input=${input#\'} -fi -test -f "$input" -a "${input%.html}" != "$input" || sleep_or_exit 1 - -# Define the output file. -if test "$called_from_color_wdiff" == "1"; then - output=$2 -else - output=${input%.html}-r.html -fi - -tmp=$(mktemp -t ref.XXXXXX) || exit 1 -tmp1=$(mktemp -t ref.XXXXXX) || exit 1 -tmp2=$(mktemp -t ref.XXXXXX) || exit 1 -trap 'rm -f "$tmp" "$tmp1" "$tmp2"' EXIT - -# Don't touch the scripts. -sed -n '/ - - - - - - - diff --git a/ua/next_steps.html b/ua/next_steps.html deleted file mode 100644 index b77220ee..00000000 --- a/ua/next_steps.html +++ /dev/null @@ -1,336 +0,0 @@ - - - - -Email Self-Defense - a guide to fighting surveillance with GnuPG -encryption - - - - - - - - - - - - - -
- - -
- -

#6 Next steps

- -

You've now completed the basics of email encryption with GnuPG, taking -action against bulk surveillance. These next steps will help make the most -of the work you've done.

- -
- - -
-
- -

- -
-
- -

Join the movement

- -

You've just taken a huge step towards protecting your privacy online. But -each of us acting alone isn't enough. To topple bulk surveillance, we need -to build a movement for the autonomy and freedom of all computer users. Join -the Free Software Foundation's community to meet like-minded people and work -together for change.

- -

- GNU Social  |  - - Mastodon  |  -Twitter

- -

Read why GNU Social and Mastodon -are better than Twitter, and why -we don't use Facebook.

- -
- -
-
- - -
-
- -

Bring Email Self-Defense to new people

- -

Understanding and setting up email encryption is a daunting task for -many. To welcome them, make it easy to find your public key and offer to -help with encryption. Here are some suggestions:

- -
    -
  • Lead an Email Self-Defense workshop for your friends and community, -using our teaching guide.
    • - -
  • Use our sharing page to compose -a message to a few friends and ask them to join you in using encrypted -email. Remember to include your GnuPG public key fingerprint so they can -easily download your key.
    • - -
  • Add your public key fingerprint anywhere that you normally display -your email address. Some good places are: your email signature (the text -kind, not the cryptographic kind), social media profiles, blogs, Websites, -or business cards. At the Free Software Foundation, we put ours on our staff page.
    • -
- -
-
- - -
-
- -

Protect more of your digital life

- -

Learn surveillance-resistant technologies for instant -messages, hard drive storage, online sharing, and more at -the Free Software Directory's Privacy Pack and prism-break.org.

- -

If you are using Windows, Mac OS or any other proprietary operating -system, we recommend you switch to a free software operating system like -GNU/Linux. This will make it much harder for attackers to enter your computer -through hidden back doors. Check out the Free Software Foundation's endorsed versions of -GNU/Linux.

- -
-
- - -
-
- -

Optional: Add more email protection with Tor

- -

The Onion Router -(Tor) network wraps Internet communication in multiple layers of encryption -and bounces it around the world several times. When used properly, Tor confuses -surveillance field agents and the global surveillance apparatus alike. Using -it simultaneously with GnuPG's encryption will give you the best results.

- -

To have your email program send and receive email over Tor, install the Torbirdy -plugin the same way you installed Enigmail, by searching for it through -Add-ons.

- -

Before beginning to check your email over Tor, make sure you understand -the security tradeoffs involved. This infographic from our -friends at the Electronic Frontier Foundation demonstrates how Tor keeps -you secure.

- -
-
- - -
-
- -


- -

Return -to the guide

- -
-
- -

Make Email Self-Defense tools even better

- -

Leave -feedback and suggest improvements to this guide. We -welcome translations, but we ask that you contact us at campaigns@fsf.org before you start, -so that we can connect you with other translators working in your language.

- -

If you like programming, you can contribute code -to GnuPG or Enigmail.

- -

To go the extra mile, support the Free Software Foundation so we can keep -improving Email Self-Defense, and make more tools like it.

- -

- -
-
-
- - - -
- - - - - - - - - - - - - - - - diff --git a/ua/windows.html b/ua/windows.html deleted file mode 100644 index d3c4c2dd..00000000 --- a/ua/windows.html +++ /dev/null @@ -1,1165 +0,0 @@ - - - - -Email Self-Defense - a guide to fighting surveillance with GnuPG -encryption - - - - - - - - - - - - - -
- - -
- -

#1 Get the pieces

- -

This guide relies on software which is freely licensed; it's -completely transparent and anyone can copy it or make their own version. This -makes it safer from surveillance than proprietary software (like Windows or Mac -OS). To defend your freedom as well as protect yourself from surveillance, we -recommend you switch to a free software operating system like GNU/Linux. Learn -more about free software at fsf.org.

- -

To get started, you'll need the IceDove desktop email program installed -on your computer. For your system, IceDove may be known by the alternate name -"Thunderbird." Email programs are another way to access the same email accounts -you can access in a browser (like Gmail), but provide extra features.

- -

If you already have an email program, you can skip to Step 1.b.

- -
- - -
-
- -

- -
-
- -

Step 1.a Set up your email program with your email account

- -

Open your email program and follow the wizard (step-by-step walkthrough) -that sets it up with your email account.

- -

Look for the letters SSL, TLS, or STARTTLS to the right of the servers -when you're setting up your account. If you don't see them, you will still -be able to use encryption, but this means that the people running your email -system are running behind the industry standard in protecting your security -and privacy. We recommend that you send them a friendly email asking them -to enable SSL, TLS, or STARTTLS for your email server. They will know what -you're talking about, so it's worth making the request even if you aren't -an expert on these security systems.

- - -
- -

Troubleshooting

- -
-
The wizard doesn't launch
-
You can launch the wizard yourself, but the menu option for doing so is -named differently in each email program. The button to launch it will be in -the program's main menu, under "New" or something similar, titled something -like "Add account" or "New/Existing email account."
- -
The wizard can't find my account or isn't downloading my mail
-
Before searching the Web, we recommend you start by asking other people -who use your email system, to figure out the correct settings.
- - - -
- -
-
-
- - -
-
- -

Step 1.b Get GnuPG by downloading GPG4Win

- -

GPG4Win is a software package that includes GnuPG. Download and install it, choosing default -options whenever asked. After it's installed, you can close any windows that -it creates.

- -

There are major security flaws in versions of GnuPG provided by GPG4Win -prior to 3.1.2. Make sure you have GPG4Win 3.1.2 or later.

- -
-
- - -
-
-
    -
    • -
    • -
    • -
- -
-
- -

Step 1.c Install the Enigmail plugin for your email program

- -

In your email program's menu, select Add-ons (it may be in the Tools -section). Make sure Extensions is selected on the left. Do you see Enigmail? -Make sure it's the latest version. If so, skip this step.

- -

If not, search "Enigmail" with the search bar in the upper right. You -can take it from here. Restart your email program when you're done.

- -

There are major security flaws in Enigmail prior to version 2.0.7. Make -sure you have Enigmail 2.0.7 or later.

- - -
- -

Troubleshooting

- -
-
I can't find the menu.
-
In many new email programs, the main menu is represented by an image of -three stacked horizontal bars.
- -
My email looks weird
-
Enigmail doesn't tend to play nice with HTML, which is used to format -emails, so it may disable your HTML formatting automatically. To send an -HTML-formatted email without encryption or a signature, hold down the Shift -key when you select compose. You can then write an email as if Enigmail -wasn't there.
- - - -
- -
-
-
-
- - -
- - -
- -

#2 Make your keys

- -

To use the GnuPG system, you'll need a public key and a private key (known -together as a keypair). Each is a long string of randomly generated numbers -and letters that are unique to you. Your public and private keys are linked -together by a special mathematical function.

- -

Your public key isn't like a physical key, because it's stored in the open -in an online directory called a keyserver. People download it and use it, -along with GnuPG, to encrypt emails they send to you. You can think of the -keyserver as a phonebook; people who want to send you encrypted email can -look up your public key.

- -

Your private key is more like a physical key, because you keep it to -yourself (on your computer). You use GnuPG and your private key together to -descramble encrypted emails other people send to you. You should never share your private key with anyone, under any -circumstances.

- -

In addition to encryption and decryption, you can also use these keys to -sign messages and check the authenticity of other people's signatures. We'll -discuss this more in the next section.

- -
- - -
-
- -

- -
-
- -

Step 2.a Make a keypair

- -

The Enigmail Setup wizard may start automatically. If it doesn't, select -Enigmail → Setup Wizard from your email program's menu. You don't need -to read the text in the window that pops up unless you'd like to, but it's -good to read the text on the later screens of the wizard. Click Next with -the default options selected, except in these instances, which are listed -in the order they appear:

- -
    -
  • On the screen titled "Encryption," select "Encrypt all of my messages -by default, because privacy is critical to me."
    • - -
  • On the screen titled "Signing," select "Don't sign my messages by -default."
    • - -
  • On the screen titled "Key Selection," select "I want to create a new -key pair for signing and encrypting my email."
    • - -
  • On the screen titled "Create Key," pick a strong password! You can -do it manually, or you can use the Diceware method. Doing it manually -is faster but not as secure. Using Diceware takes longer and requires -dice, but creates a password that is much harder for attackers to figure -out. To use it, read the section "Make a secure passphrase with Diceware" in -this article by Micah Lee.
    • -
- -

If you'd like to pick a password manually, come up with something -you can remember which is at least twelve characters long, and includes -at least one lower case and upper case letter and at least one number or -punctuation symbol. Never pick a password you've used elsewhere. Don't use -any recognizable patterns, such as birthdays, telephone numbers, pets' names, -song lyrics, quotes from books, and so on.

- -

The program will take a little while to finish the next -step, the "Key Creation" screen. While you wait, do something else with your -computer, like watching a movie or browsing the Web. The more you use the -computer at this point, the faster the key creation will go.

- -

When the "Key Generation Completed" screen -pops up, select Generate Certificate and choose to save it in a safe place on -your computer (we recommend making a folder called "Revocation Certificate" -in your home folder and keeping it there). This step is essential for your -email self-defense, as you'll learn more about in Section -5.

- - -
- -

Troubleshooting

- -
-
I can't find the Enigmail menu.
-
In many new email programs, the main menu is represented by an image -of three stacked horizontal bars. Enigmail may be inside a section called -Tools.
- -
More resources
-
If you're having trouble with our -instructions or just want to learn more, check out -Enigmail's wiki instructions for key generation.
- - - -
- -
- - -
- -

Advanced

- -
-
Command line key generation
-
If you prefer using the command line for a higher -degree of control, you can follow the documentation from The GNU Privacy -Handbook. Make sure you stick with "RSA and RSA" (the default), -because it's newer and more secure than the algorithms the documentation -recommends. Also make sure your key is at least 2048 bits, or 4096 if you -want to be extra secure.
- -
Advanced key pairs
-
When GnuPG creates a new keypair, it compartmentalizes -the encryption function from the signing function through subkeys. If you use -subkeys carefully, you can keep your GnuPG identity much more -secure and recover from a compromised key much more quickly. Alex Cabal -and the Debian wiki -provide good guides for setting up a secure subkey configuration.
-
- -
-
-
- - -
-
- -

Step 2.b Upload your public key to a keyserver

- -

In your email program's menu, select Enigmail → Key Management.

- -

Right click on your key and select Upload Public Keys to Keyserver. You -don't have to use the default keyserver. If, after research, you would like -to change to a different default keyserver, you can change that setting -manually in the Enigmail preferences.

- -

Now someone who wants to send you an encrypted message can -download your public key from the Internet. There are multiple keyservers -that you can select from the menu when you upload, but they are all copies -of each other, so it doesn't matter which one you use. However, it sometimes -takes a few hours for them to match each other when a new key is uploaded.

- - -
- -

Troubleshooting

- -
-
The progress bar never finishes
-
Close the upload popup, make sure you are connected to the Internet, -and try again. If that doesn't work, try again, selecting a different -keyserver.
- -
My key doesn't appear in the list
-
Try checking "Display All Keys by Default."
- -
More documentation
-
If you're having trouble with our -instructions or just want to learn more, check out -Enigmail's documentation.
- - - -
- -
- - -
- -

Advanced

- -
-
Uploading a key from the command line
-
You can also upload your keys to a keyserver through the command line. The sks Web site -maintains a list of highly interconnected keyservers. You can also directly export -your key as a file on your computer.
-
- -
-
-
- - -
-
- -

GnuPG, OpenPGP, what?

- -

In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP -are used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the -encryption standard, and GNU Privacy Guard (often shortened to GPG or GnuPG) -is the program that implements the standard. Enigmail is a plug-in program -for your email program that provides an interface for GnuPG.

- -
-
-
- - -
- - -
- -

#3 Try it out!

- -

Now you'll try a test correspondence with a computer program named Edward, -who knows how to use encryption. Except where noted, these are the same -steps you'd follow when corresponding with a real, live person.

- - -
- - -
-
- -

- -
-
- -

Step 3.a Send Edward your public key

- -

This is a special step that you won't have to do when corresponding -with real people. In your email program's menu, go to Enigmail → Key -Management. You should see your key in the list that pops up. Right click -on your key and select Send Public Keys by Email. This will create a new -draft message, as if you had just hit the Write button.

- -

Address the message to edward-en@fsf.org. Put at least one word -(whatever you want) in the subject and body of the email. Don't send yet.

- -

The lock icon in the top left should be yellow, meaning encryption is -turned on. We want this first special message to be unencrypted, so -click the icon once to turn it off. The lock should become grey, with a -blue dot on it (to alert you that the setting has been changed from the -default). Once encryption is off, hit Send.

- -

It may take two or three minutes for Edward to -respond. In the meantime, you might want to skip ahead and check out the Use it Well section of this guide. Once he's responded, -head to the next step. From here on, you'll be doing just the same thing as -when corresponding with a real person.

- -

When you open Edward's reply, GnuPG may prompt you for your password -before using your private key to decrypt it.

- -
-
- - -
-
- -

Step 3.b Send a test encrypted email

- -

Write a new email in your email program, addressed to edward-en@fsf.org. Make the subject -"Encryption test" or something similar and write something in the body.

- -

The lock icon in the top left of the window should be yellow, meaning -encryption is on. This will be your default from now on.

- -

Next to the lock, you'll notice an icon of a pencil. We'll -get to this in a moment.

- -

Click Send. Enigmail will pop up a window that says "Recipients not valid, -not trusted or not found."

- -

To encrypt an email to Edward, you need his public key, so now you'll have -Enigmail download it from a keyserver. Click Download Missing Keys and use -the default in the pop-up that asks you to choose a keyserver. Once it finds -keys, check the first one (Key ID starting with C), then select ok. Select -ok in the next pop-up.

- -

Now you are back at the "Recipients not valid, not trusted or not found" -screen. Check the box in front of Edward's key and click Send.

- -

Since you encrypted this email with Edward's public key, -Edward's private key is required to decrypt it. Edward is the only one with -his private key, so no one except him can decrypt it.

- - -
- -

Troubleshooting

- -
-
Enigmail can't find Edward's key
-
Close the pop-ups that have appeared since you clicked Send. Make sure -you are connected to the Internet and try again. If that doesn't work, repeat -the process, choosing a different keyserver when it asks you to pick one.
- -
Unscrambled messages in the Sent folder
-
Even though you can't decrypt messages encrypted to someone else's key, -your email program will automatically save a copy encrypted to your public key, -which you'll be able to view from the Sent folder like a normal email. This -is normal, and it doesn't mean that your email was not sent encrypted.
- -
More resources
-
If you're still having trouble with our -instructions or just want to learn more, check out -Enigmail's wiki.
- - - -
- -
- - -
- -

Advanced

- -
-
Encrypt messages from the command line
-
You can also encrypt and decrypt messages and files from the command line, -if that's your preference. The option --armor makes the encrypted output -appear in the regular character set.
-
- -
-
-
- - -
-
- -

Important: Security tips

- -

Even if you encrypt your email, the subject line is not encrypted, so -don't put private information there. The sending and receiving addresses -aren't encrypted either, so a surveillance system can still figure out who -you're communicating with. Also, surveillance agents will know that you're -using GnuPG, even if they can't figure out what you're saying. When you -send attachments, Enigmail will give you the choice to encrypt them or not, -independent of the actual email.

- -

For greater security against potential attacks, you can turn off -HTML. Instead, you can render the message body as plain text.

- -
-
- - -
-
- -

Step 3.c Receive a response

- -

When Edward receives your email, he will use his private key to decrypt -it, then reply to you.

- -

It may take two or three minutes for Edward to -respond. In the meantime, you might want to skip ahead and check out the Use it Well section of this guide.

- -
-
- - -
-
- -

Step 3.d Send a test signed email

- -

GnuPG includes a way for you to sign messages and files, verifying that -they came from you and that they weren't tampered with along the way. These -signatures are stronger than their pen-and-paper cousins -- they're impossible -to forge, because they're impossible to create without your private key -(another reason to keep your private key safe).

- -

You can sign messages to anyone, so it's a great way to make people -aware that you use GnuPG and that they can communicate with you securely. If -they don't have GnuPG, they will be able to read your message and see your -signature. If they do have GnuPG, they'll also be able to verify that your -signature is authentic.

- -

To sign an email to Edward, compose any message to him and click the -pencil icon next to the lock icon so that it turns gold. If you sign a -message, GnuPG may ask you for your password before it sends the message, -because it needs to unlock your private key for signing.

- -

With the lock and pencil icons, you can choose whether each message will -be encrypted, signed, both, or neither.

- -
-
- - -
-
- -

Step 3.e Receive a response

- -

When Edward receives your email, he will use your public key (which -you sent him in Step 3.A) to verify the message -you sent has not been tampered with and to encrypt his reply to you.

- -

It may take two or three minutes for Edward to -respond. In the meantime, you might want to skip ahead and check out the Use it Well section of this guide.

- -

Edward's reply will arrive encrypted, because he prefers to use encryption -whenever possible. If everything goes according to plan, it should say -"Your signature was verified." If your test signed email was also encrypted, -he will mention that first.

- -

When you receive Edward's email and open it, Enigmail will -automatically detect that it is encrypted with your public key, and -then it will use your private key to decrypt it.

- -

Notice the bar that Enigmail shows you above the message, with -information about the status of Edward's key.

- -
-
-
- - -
- - -
- -

#4 Learn the Web of Trust

- -

Email encryption is a powerful technology, but it has a weakness; -it requires a way to verify that a person's public key is actually -theirs. Otherwise, there would be no way to stop an attacker from making -an email address with your friend's name, creating keys to go with it and -impersonating your friend. That's why the free software programmers that -developed email encryption created keysigning and the Web of Trust.

- -

When you sign someone's key, you are publicly saying that you've verified -that it belongs to them and not someone else.

- -

Signing keys and signing messages use the same type of mathematical -operation, but they carry very different implications. It's a good practice -to generally sign your email, but if you casually sign people's keys, you -may accidently end up vouching for the identity of an imposter.

- -

People who use your public key can see who has signed it. Once you've -used GnuPG for a long time, your key may have hundreds of signatures. You -can consider a key to be more trustworthy if it has many signatures from -people that you trust. The Web of Trust is a constellation of GnuPG users, -connected to each other by chains of trust expressed through signatures.

- -
- - -
-
- -

- -
-
- -

Step 4.a Sign a key

- -

In your email program's menu, go to Enigmail → Key Management.

- -

Right click on Edward's public key and select Sign Key from the context -menu.

- -

In the window that pops up, select "I will not answer" and click ok.

- -

Now you should be back at the Key Management menu. Select Keyserver → -Upload Public Keys and hit ok.

- -

You've just effectively said "I trust that Edward's public -key actually belongs to Edward." This doesn't mean much because Edward isn't -a real person, but it's good practice.

- - -
-
- - -
-
- -

Identifying keys: Fingerprints and IDs

- -

People's public keys are usually identified by their key fingerprint, -which is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8 -(for Edward's key). You can see the fingerprint for your public key, and -other public keys saved on your computer, by going to Enigmail → Key -Management in your email program's menu, then right clicking on the key -and choosing Key Properties. It's good practice to share your fingerprint -wherever you share your email address, so that people can double-check that -they have the correct public key when they download yours from a keyserver.

- -

You may also see public keys referred to by a shorter -key ID. This key ID is visible directly from the Key Management -window. These eight character key IDs were previously used for -identification, which used to be safe, but is no longer reliable. You -need to check the full fingerprint as part of verifying you have the -correct key for the person you are trying to contact. Spoofing, in -which someone intentionally generates a key with a fingerprint whose -final eight characters are the same as another, is unfortunately -common.

- -
-
- - -
-
- -

Important: What to consider when signing keys

- -

Before signing a person's key, you need to be confident that it actually -belongs to them, and that they are who they say they are. Ideally, this -confidence comes from having interactions and conversations with them over -time, and witnessing interactions between them and others. Whenever signing -a key, ask to see the full public key fingerprint, and not just the shorter -key ID. If you feel it's important to sign the key of someone you've just -met, also ask them to show you their government identification, and make -sure the name on the ID matches the name on the public key. In Enigmail, -answer honestly in the window that pops up and asks "How carefully have you -verified that the key you are about to sign actually belongs to the person(s) -named above?"

- - -
- -

Advanced

- -
-
Master the Web of Trust
-
Unfortunately, trust does not spread between users the way many people -think. One of best ways to strengthen the GnuPG community is to deeply understand the Web of -Trust and to carefully sign as many people's keys as circumstances permit.
- -
Set ownertrust
-
If you trust someone enough to validate other people's keys, you can assign -them an ownertrust level through Enigmails's key management window. Right -click on the other person's key, go to the "Select Owner Trust" menu option, -select the trustlevel and click OK. Only do this once you feel you have a -deep understanding of the Web of Trust.
-
- -
-
-
-
- - -
- - -
- -

#5 Use it well

- -

Everyone uses GnuPG a little differently, but it's important to follow -some basic practices to keep your email secure. Not following them, you -risk the privacy of the people you communicate with, as well as your own, -and damage the Web of Trust.

- -
- - -
-
- -

- -
-
- -

When should I encrypt? When should I sign?

- -

The more you can encrypt your messages, the better. If you only encrypt -emails occasionally, each encrypted message could raise a red flag for -surveillance systems. If all or most of your email is encrypted, people -doing surveillance won't know where to start. That's not to say that only -encrypting some of your email isn't helpful -- it's a great start and it -makes bulk surveillance more difficult.

- -

Unless you don't want to reveal your own identity (which requires other -protective measures), there's no reason not to sign every message, whether or -not you are encrypting. In addition to allowing those with GnuPG to verify -that the message came from you, signing is a non-intrusive way to remind -everyone that you use GnuPG and show support for secure communication. If you -often send signed messages to people that aren't familiar with GnuPG, it's -nice to also include a link to this guide in your standard email signature -(the text kind, not the cryptographic kind).

- -
-
- - -
-
- -

- -
-
- -

Be wary of invalid keys

- -

GnuPG makes email safer, but it's still important to watch out for invalid -keys, which might have fallen into the wrong hands. Email encrypted with -invalid keys might be readable by surveillance programs.

- -

In your email program, go back to the first encrypted email that Edward -sent you. Because Edward encrypted it with your public key, it will have a -message from Enigmail at the top, which most likely says "Enigmail: Part of -this message encrypted."

- -

When using GnuPG, make a habit of glancing at that bar. The program -will warn you there if you get an email signed with a key that can't -be trusted.

- -
-
- - -
-
- -

Copy your revocation certificate to somewhere safe

- -

Remember when you created your keys and saved the revocation certificate -that GnuPG made? It's time to copy that certificate onto the safest digital -storage that you have -- the ideal thing is a flash drive, disk, or hard -drive stored in a safe place in your home, not on a device you carry with -you regularly.

- -

If your private key ever gets lost or stolen, you'll need this certificate -file to let people know that you are no longer using that keypair.

- -
-
- - -
-
- -

Important: act swiftly if someone gets your private key

- -

If you lose your private key or someone else gets ahold -of it (say, by stealing or cracking your computer), it's -important to revoke it immediately before someone else uses -it to read your encrypted email or forge your signature. This -guide doesn't cover how to revoke a key, but you can follow these instructions. -After you're done revoking, make a new key and send an email to everyone -with whom you usually use your key to make sure they know, including a copy -of your new key.

- -
-
- - - - - -
-
- -

Webmail and GnuPG

- -

When you use a web browser to access your email, you're using webmail, -an email program stored on a distant website. Unlike webmail, your desktop -email program runs on your own computer. Although webmail can't decrypt -encrypted email, it will still display it in its encrypted form. If you -primarily use webmail, you'll know to open your email client when you receive -a scrambled email.

- -
-
- - -
- - -
- -
- - - - - - - - - - - - - - - - diff --git a/ua/workshops.html b/ua/workshops.html deleted file mode 100644 index 30ce3481..00000000 --- a/ua/workshops.html +++ /dev/null @@ -1,403 +0,0 @@ - - - - -Email Self-Defense - a guide to fighting surveillance with GnuPG -encryption - - - - - - - - - - - - - -
-
- - -
- -

- -

#1 Get your friends or community interested

- -

If you hear friends grumbling about their lack of privacy, ask them if -they're interested in attending a workshop on Email Self-Defense. If your -friends don't grumble about privacy, they may need some convincing. You might -even hear the classic "if you've got nothing to hide, you've got nothing to -fear" argument against using encryption.

- -

Here are some talking points you can use to help explain why it's worth -it to learn GnuPG. Mix and match whichever you think will make sense to -your community:

- -
-
-
- -
-
- -

Strength in numbers

- -

Each person who chooses to resist mass surveillance with encryption makes -it easier for others to resist as well. People normalizing the use of strong -encryption has multiple powerful effects: it means those who need privacy -the most, like potential whistle-blowers and activists, are more likely to -learn about encryption. More people using encryption for more things also -makes it harder for surveillance systems to single out those that can't -afford to be found, and shows solidarity with those people.

- -
-
- -

People you respect may already be using encryption

- -

Many journalists, whistleblowers, activists, and researchers use GnuPG, -so your friends might unknowingly have heard of a few people who use it -already. You can search for "BEGIN PUBLIC KEY BLOCK" + keyword to help make -a list of people and organizations who use GnuPG whom your community will -likely recognize.

- -
-
- -

Respect your friends' privacy

- -

There's no objective way to judge what constitutes privacy-sensitive -correspondence. As such, it's better not to presume that just because you -find an email you sent to a friend innocuous, your friend (or a surveillance -agent, for that matter!) feels the same way. Show your friends respect by -encrypting your correspondence with them.

- -
-
- -

Privacy technology is normal in the physical world

- -

In the physical realm, we take window blinds, envelopes, and closed doors -for granted as ways of protecting our privacy. Why should the digital realm -be any different?

- -
-
- -

We shouldn't have to trust our email providers with our privacy

- -

Some email providers are very trustworthy, but many have incentives not -to protect your privacy and security. To be empowered digital citizens, -we need to build our own security from the bottom up.

- -
-
-
- - -
- - -
- -

#2 Plan The Workshop

- -

Once you've got at least one interested friend, pick a date and start -planning out the workshop. Tell participants to bring their computer and -ID (for signing each other's keys). If you'd like to make it easy for the -participants to use Diceware for choosing passwords, get a pack of dice -beforehand. Make sure the location you select has an easily accessible -Internet connection, and make backup plans in case the connection stops -working on the day of the workshop. Libraries, coffee shops, and community -centers make great locations. Try to get all the participants to set up -an Enigmail-compatible email client before the event. Direct them to their -email provider's IT department or help page if they run into errors.

- -

Estimate that the workshop will take at least forty minutes plus ten minutes -for each participant. Plan extra time for questions and technical glitches.

- -

The success of the workshop requires understanding and catering to -the unique backgrounds and needs of each group of participants. Workshops -should stay small, so that each participant receives more individualized -instruction. If more than a handful of people want to participate, keep the -facilitator to participant ratio high by recruiting more facilitators, or by -facilitating multiple workshops. Small workshops among friends work great!

- -
-
- - -
- - -
- -

#3 Follow the guide as a group

- -

Work through the Email Self-Defense guide a step at a time as a group. Talk -about the steps in detail, but make sure not to overload the participants -with minutia. Pitch the bulk of your instructions to the least tech-savvy -participants. Make sure all the participants complete each step before the -group moves on to the next one. Consider facilitating secondary workshops -afterwards for people that had trouble grasping the concepts, or those that -grasped them quickly and want to learn more.

- -

In Section 2 of the guide, make -sure the participants upload their keys to the same keyserver so that -they can immediately download each other's keys later (sometimes -there is a delay in synchronization between keyservers). During Section 3, give the participants the option to -send test messages to each other instead of or as well as Edward. Similarly, -in Section 4, encourage the participants -to sign each other's keys. At the end, make sure to remind people to safely -back up their revocation certificates.

- -
-
- - -
- - -
- -

#4 Explain the pitfalls

- -

Remind participants that encryption works only when it's explicitly used; -they won't be able to send an encrypted email to someone who hasn't already -set up encryption. Also remind participants to double-check the encryption icon -before hitting send, and that subjects and timestamps are never encrypted.

- -

Explain the dangers -of running a proprietary system and -advocate for free software, because without it, we can't meaningfully -resist invasions of our digital privacy and autonomy.

- -
-
- - -
- - -
- -

#5 Share additional resources

- -

GnuPG's advanced options are far too complex to teach in a single -workshop. If participants want to know more, point out the advanced subsections -in the guide and consider organizing another workshop. You can also share -GnuPG's and -Enigmail's -official documentation and mailing lists. Many GNU/Linux distribution's Web -sites also contain a page explaining some of GnuPG's advanced features.

- -
-
- - -
- - -
- -

#6 Follow up

- -

Make sure everyone has shared email addresses and public key fingerprints -before they leave. Encourage the participants to continue to gain GnuPG -experience by emailing each other. Send them each an encrypted email one -week after the event, reminding them to try adding their public key ID to -places where they publicly list their email address.

- -

If you have any suggestions for improving this workshop guide, please -let us know at campaigns@fsf.org.

- -
-
- - - - - - - - - - -