November 2016 - tor-commits - lists.torproject.org

[sandboxed-tor-browser/master] Bug #20773: Don't mount /proc in the tor container when no PTs.
by yawning＠torproject.org 26 Nov '16

26 Nov '16

commit f5dbc78776f413829085aa3fba2611214cc469ad Author: Yawning Angel <yawning(a)schwanenlied.me> Date: Sat Nov 26 08:37:25 2016 +0000 Bug #20773: Don't mount /proc in the tor container when no PTs. While I'm being overly cautious about obfs4proxy, at least when bridges aren't in use, the tor container can do without /proc. --- src/cmd/sandboxed-tor-browser/internal/sandbox/application.go | 8 ++++++++ src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go index e676955..1e38adc 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go @@ -458,6 +458,14 @@ func RunTor(cfg *config.Config, torrc []byte) (cmd *exec.Cmd, err error) { h.stderr = logger if !cfg.Tor.UseBridges { h.seccompFn = installTorSeccompProfile + + // The tor daemon only uses this to calculate MaxMemInQueues, + // which is a relay thing, so this can safely be disabled. + // + // Not sure about what to do wrt pluggable transports yet, + // obfs4proxy seems to function fine, and the reads it does + // look innocent enough, but more investigation is needed. + h.mountProc = false } else { h.seccompFn = installBasicSeccompBlacklist } diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go index a0b614b..2877d45 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go @@ -265,7 +265,7 @@ func (h *hugbox) run() (*exec.Cmd, error) { pendingWrites := [][]byte{argsBuf} pendingWrites = append(pendingWrites, h.fileData...) - Debugf("sandbox: fdArgs: %v", h.args) + Debugf("sandbox: fdArgs: %v", fdArgs) // Fork/exec. cmd.Start()

1 0

[sandboxed-tor-browser/master] Update the Architecture.txt doc a bit (No functional changes).
by yawning＠torproject.org 26 Nov '16

26 Nov '16

commit bf286a049cd06b4546f9cd02f390f4c60e0d0c51 Author: Yawning Angel <yawning(a)schwanenlied.me> Date: Sat Nov 26 07:58:42 2016 +0000 Update the Architecture.txt doc a bit (No functional changes). The doc should be moderately accurate now, but in all honesty could do with a total re-write. --- doc/Architecture.txt | 72 ++++++++++++++++++++++++++++++++++------------------ 1 file changed, 48 insertions(+), 24 deletions(-) diff --git a/doc/Architecture.txt b/doc/Architecture.txt index 6714bbc..0a5c789 100644 --- a/doc/Architecture.txt +++ b/doc/Architecture.txt @@ -18,7 +18,7 @@ Design requirements: neither. * Proxy bypass MUST BE impossible without a sandbox escape, even if - the adversary gets RCE capability.. This is harder than it appears, + the adversary gets RCE capability. This is harder than it appears, and influences a few other thoughts. * The firefox process's write access to the filesystem MUST be limited @@ -56,13 +56,29 @@ sandboxed-tor-browser is a Go application that handles: * Downloading and installing Tor Browser. - * Fetches and installs the latest Tor Browser over Tor. + * Fetches and installs the latest Tor Browser over Tor, or the normal + internet, depending on of Tor is already running as a system service. + * The TLS cert for the download metadata fetch (`downloads.json`) is + validated via static HPKP pins. The actual downloads can come from + anywhere (allowing the possibility for CDNs/mirrors). * Validates the PGP signature with a hard coded copy of the PGP key. + * Running a sandboxed instance of the tor daemon. + + * Launches the bundle's tor daemon inside a sandbox. + * A seccomp whitelist is used unless pluggable transports are enabled, in + which case a blacklist is used. + * This process has full network access, but an extremely limited view into + the host filesystem. + * For the initial release only pluggable transports supported by obfs4proxy + are enabled. + * Libraries are handled in a similar manner to how they are for the firefox + container (as in, only what is needed, nothing more). + * Updating Tor Browser. - * Version check over Tor on launch, validating the `dist.torproject.org` - cert with an internal copy. + * Version check over Tor on launch. Static HPKP pins are used to ensure + the remote update metadata server is trusted. * Download MAR format updates over Tor. * Validates the MAR signature with hard coded copies of the MAR signing key(s). @@ -72,34 +88,42 @@ sandboxed-tor-browser is a Go application that handles: * Run a sandboxed instance of Tor Browser. - * (FIXME) Assumes a system Tor instance. * A LD_PRELOAD stub is used to force firefox to use AF_LOCAL sockets for - the control and SOCKS ports. This will go away when all released channels - of the browser support AF_LOCAL socket access. + the control and SOCKS ports, and to work around certain Firefox quirks + and bugs. * Uses bubblewrap to instantiate a Linux container. - * seccomp2 system call filter. + * seccomp2 system call filter, with whitelist/blacklist format that is + compatible with Subgraph. * Separate PID table, mount table, etc. * No external communication except via stdio, and path based AF_LOCAL sockets. - * Normalized hostname, `/etc/passwd`, `/etc/group`. + * Normalized hostname, `/etc/passwd`, `/etc/group`, D-bus machine ID. * Limited view of the host filesystem, all directories read-only unless * otherwise specified. The sandboxed filesystem layout is normalized as much as possible. - * System library directories. + * System libraries are explcitly bind mounted into the container in + standardized locations to reduce attack surface and to make it hard + to use the installed libraries to gain much insight into the host + system. This is accomplished via reading the ELF dynamic section of + the binary to be executed, and then mounting a breadth-first-search + with the assistance of the `/etc/ld.so.cache` file. * Gtk Theme related directories. - * The X11 AF_LOCAL socket. - * (Optionally) The PulseAudio socket. - * The browser directory. - * The browser caches directory (read/write, might be removed). - * The browser profile directory (read/write, extensions sub-dir - read-only unless overriden by the user). - * The browser downloads directory (read/write) - * The browser desktop directory (read/write) - * A runtime directory. - * A surrogate control port that gives "fake" responses to Tor - Browser. Does not talk to the real control port. - * A re-dispatching SOCKS proxy that allows "New Identity" to work, - that talks to the actual tor instance. + * The X11 AF_LOCAL socket. + * (Optionally) The PulseAudio socket. + * The browser directory. + * The browser caches directory (read/write, might be removed). + * The browser profile directory (read/write, extensions sub-dir + read-only unless overriden by the user). + * The browser downloads directory (read/write) + * The browser desktop directory (read/write) + * A runtime directory. + * A surrogate control port that gives "fake" responses to Tor + Browser. The bare minimum to get a fully functional circuit + display is implemented, and the surrogate ensures that responses + are filtered appropriately so that Tor Browser never sees streams + or circuits that it is not responsible for. + * A re-dispatching SOCKS proxy, required to identify which streams + and circuits should be visible to the control port surrogate. Sandbox weaknesses: @@ -114,7 +138,7 @@ from a security standpoint things are vastly improved. * X processes can easily become display server wide keyloggers and other things that threaten user privacy. * Certain applications set X root window properties that leak information - about the host system. + about the host system (eg: PulseAudio). Using a nested X solution such as Xephyr "just works", so that's a way to mitigate this for those that want that.

1 0

[sandboxed-tor-browser/master] Instead of using the trace action, explciitly return ENOSYS on 386.
by yawning＠torproject.org 26 Nov '16

26 Nov '16

commit 533be4ad041ff7b9c630181fe5265e4f70160947 Author: Yawning Angel <yawning(a)schwanenlied.me> Date: Sat Nov 26 07:20:04 2016 +0000 Instead of using the trace action, explciitly return ENOSYS on 386. This mirrors the amd64 behavior, I just forgot to make this explicit when I changed it for real computers. --- src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go index 5cf3262..40e5691 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go @@ -59,7 +59,8 @@ func installSeccomp(fd *os.File, assets []string, isBlacklist bool) error { rules = append(rules, '\n') } - defaultAct, ruleAct := seccomp.ActTrace, seccomp.ActAllow + actENOSYS := seccomp.ActErrno.SetReturnCode(38) + defaultAct, ruleAct := actENOSYS, seccomp.ActAllow if isBlacklist { defaultAct, ruleAct = ruleAct, defaultAct }

1 0

[translation/tails-greeter-2_completed] Update translations for tails-greeter-2_completed
by translation＠torproject.org 26 Nov '16

26 Nov '16

commit 53da5c1166fecc08edf9a82ad9b9c2a81dec4e3b Author: Translation commit bot <translation(a)torproject.org> Date: Sat Nov 26 06:48:20 2016 +0000 Update translations for tails-greeter-2_completed --- zh_TW/zh_TW.po | 311 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 311 insertions(+) diff --git a/zh_TW/zh_TW.po b/zh_TW/zh_TW.po new file mode 100644 index 0000000..24b691d --- /dev/null +++ b/zh_TW/zh_TW.po @@ -0,0 +1,311 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2016-11-18 00:07+0000\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: Agustín Wu <losangwuyts(a)gmail.com>, 2016\n" +"Language-Team: Chinese (Taiwan) (https://www.transifex.com/otf/teams/1519/zh_TW/)\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: zh_TW\n" +"Plural-Forms: nplurals=1; plural=0;\n" + +#: ../data/greeter.ui.h:1 +msgid "Administration Password" +msgstr "系統管理員密碼" + +#: ../data/greeter.ui.h:2 +msgid "" +"Set up an administration password if you need to perform administrative " +"tasks. Otherwise, the administration password is disabled for better " +"security." +msgstr "除非您需要執行某些非管理員權限不可的工作，才會需要設定系統管理員密碼，否則請關閉此功能以提高系統安全性。" + +#: ../data/greeter.ui.h:3 +msgid "Enter an administration password" +msgstr "請輸入系統管理員密碼" + +#: ../data/greeter.ui.h:4 +msgid "Confirm" +msgstr "確認" + +#: ../data/greeter.ui.h:5 +msgid "Confirm your administration password" +msgstr "確認您的系統管理員密碼" + +#: ../data/greeter.ui.h:6 +msgid "Disable" +msgstr "關閉" + +#: ../data/greeter.ui.h:7 +msgid "Windows Camouflage" +msgstr "偽裝成Windows" + +#: ../data/greeter.ui.h:8 +msgid "" +"This option makes Tails look like Microsoft Windows 10. This can be useful " +"to avoid attracting suspiction in public places." +msgstr "此功能可以將 Tails 的外觀偽裝成微軟的 Windows 10，以便當您在公眾場所使用電腦時，可以避免引起旁人的注意。" + +#: ../data/greeter.ui.h:9 +msgid "Microsoft Windows 10 camouflage" +msgstr "微軟 Windows 10 偽裝" + +#: ../data/greeter.ui.h:10 +msgid "MAC Address Spoofing" +msgstr "網路卡實體位址偽裝" + +#: ../data/greeter.ui.h:11 +msgid "" +"MAC address spoofing hides the serial number of your network interface (Wi-" +"Fi or wired) to the local network. Spoofing MAC addresses is generally safer" +" as it helps you hide your geographical location. But it might also create " +"connectivity problems or look suspicious." +msgstr "" +"每張網路卡都有一個獨一無二的實體位址，偽裝此位址可以避免本地端的網路(無論是有線或無線)得知您真實的網路卡實體位址，進而掩飾您實際的所在地。但是在某些情況中，可能會造成網路連線的問題，或是增加可疑性。" + +#: ../data/greeter.ui.h:12 +msgid "Spoof all MAC addresses (default)" +msgstr "偽裝所有的網路卡實體位址(預設)" + +#: ../data/greeter.ui.h:13 +msgid "Don't spoof MAC addresses" +msgstr "不要偽裝網路卡實體位址" + +#: ../data/greeter.ui.h:14 +msgid "Welcome to Tails!" +msgstr "歡迎使用 Tails！" + +#: ../data/greeter.ui.h:15 +msgid "" +"To get guided through Tails' settings, click on Take a Tour above" +msgstr "若要針對 Tails 的設定進行導覽，請點選功能導覽" + +#: ../data/greeter.ui.h:16 +msgid "Language & Region" +msgstr "語言和區域" + +#: ../data/greeter.ui.h:17 +msgid "Default Settings" +msgstr "預設值" + +#: ../data/greeter.ui.h:18 +msgid "Save Language & Region Settings" +msgstr "儲存語言與區域的設定值" + +#: ../data/greeter.ui.h:19 +msgid "Language" +msgstr "語言" + +#: ../data/greeter.ui.h:20 +msgid "English" +msgstr "英文" + +#: ../data/greeter.ui.h:21 +msgid "Keyboard Layout" +msgstr "鍵盤佈局" + +#: ../data/greeter.ui.h:22 +msgid "English (US)" +msgstr "美式英文" + +#: ../data/greeter.ui.h:23 +msgid "Formats" +msgstr "格式" + +#: ../data/greeter.ui.h:24 +msgid "United States" +msgstr "美國" + +#: ../data/greeter.ui.h:25 +msgid "Time Zone" +msgstr "時區" + +#: ../data/greeter.ui.h:26 +msgid "UTC" +msgstr "UTC" + +#: ../data/greeter.ui.h:27 +msgid "Encrypted Persistent Storage" +msgstr "加密之永久性儲存裝置" + +#: ../data/greeter.ui.h:28 +msgid "Show Passphrase" +msgstr "顯示通關密語" + +#: ../data/greeter.ui.h:29 +msgid "Configure Persistent Storage" +msgstr "設定永久性儲存裝置" + +#: ../data/greeter.ui.h:30 +msgid "Enter your passphrase to unlock the persistent storage" +msgstr "請輸入密碼以便解鎖永久性儲存裝置" + +#: ../data/greeter.ui.h:31 ../tailsgreeter/gui.py:781 +#: ../tailsgreeter/gui.py:942 +msgid "Unlock" +msgstr "解鎖" + +#: ../data/greeter.ui.h:32 +msgid "Relock Persistent Storage" +msgstr "重新鎖定永久性儲存裝置" + +#: ../data/greeter.ui.h:33 ../tailsgreeter/gui.py:492 +msgid "Additional Settings" +msgstr "額外的設定" + +#: ../data/greeter.ui.h:34 +msgid "Save Additional Settings" +msgstr "儲存額外的設定" + +#: ../data/greeter.ui.h:35 +msgid "toolbutton" +msgstr "工具按鈕" + +#: ../data/greeter.ui.h:36 +msgid "Network Configuration" +msgstr "網路設定" + +#: ../data/greeter.ui.h:37 +msgid "" +"If your Internet connection is censored, filtered, or proxied you can " +"configure a Tor bridge or a local proxy. To work completely offline, you can" +" disable all networking." +msgstr "若您所使用的網路服務遭到監控或審查的話，可以設定使用洋蔥路由橋接器來連上網路。若想要離線作業請關閉所有網路連線功能。" + +#: ../data/greeter.ui.h:38 +msgid "Connect directly to the Tor network (default)" +msgstr "直接連上洋蔥路由網路(預設)" + +#: ../data/greeter.ui.h:39 +msgid "Configure a Tor bridge, firewall, or proxy settings" +msgstr "設定洋蔥路由橋接器、防火牆、代理路由器" + +#: ../data/greeter.ui.h:40 +msgid "Disable all networking" +msgstr "停用所有網路" + +#: ../data/greeter.ui.h:41 +msgid "" +"The default settings are safe in most situations. To add a custom setting, " +"press the \"+\" button below." +msgstr "在大多數的情況下，預設的設定值是很安全的。若您想要增加個人化的設定，請按下方的「+」按鈕。" + +#: ../data/greeter.ui.h:42 +msgid "Off (default)" +msgstr "關閉(預設)" + +#: ../data/greeter.ui.h:43 +msgid "On (default)" +msgstr "啟用(預設)" + +#: ../data/greeter.ui.h:44 +msgid "Network Connection" +msgstr "網路連線" + +#: ../data/greeter.ui.h:45 ../tailsgreeter/gui.py:894 +msgid "Direct (default)" +msgstr "直接(預設)" + +#: ../tailsgreeter/gui.py:436 +msgid "Shutdown" +msgstr "關閉" + +#: ../tailsgreeter/gui.py:442 +msgid "Start Tails" +msgstr "啟動 Tails" + +#: ../tailsgreeter/gui.py:501 +msgid "Cancel" +msgstr "取消" + +#: ../tailsgreeter/gui.py:505 +msgid "Add" +msgstr "新增" + +#: ../tailsgreeter/gui.py:511 +msgid "Back" +msgstr "返回" + +#: ../tailsgreeter/gui.py:627 +msgid "Unlocking…" +msgstr "解鎖中...." + +#: ../tailsgreeter/gui.py:653 +msgid "" +"You will configure the Tor bridge and local proxy later on after connecting " +"to a network." +msgstr "當您連接上網路之後，將會需要設定洋蔥路由橋接器與本地端代理伺服器。" + +#: ../tailsgreeter/gui.py:698 +msgid "On" +msgstr "啟動" + +#: ../tailsgreeter/gui.py:700 +msgid "Off" +msgstr "關閉" + +#: ../tailsgreeter/gui.py:702 +#, python-brace-format +msgid "{on_or_off} (default)" +msgstr "{on_or_off} (預設)" + +#: ../tailsgreeter/gui.py:759 +msgid "You would be able to set up an encrypted storage." +msgstr "您可以設定一個加密的儲存裝置。" + +#: ../tailsgreeter/gui.py:783 +msgid "Failed to relock persistent storage." +msgstr "永久性儲存裝置重新鎖定失敗。" + +#: ../tailsgreeter/gui.py:900 +msgid "Bridge & Proxy" +msgstr "橋接器與代理伺服器" + +#: ../tailsgreeter/gui.py:906 +msgid "Offline" +msgstr "離線" + +#: ../tailsgreeter/gui.py:945 +msgid "Cannot unlock encrypted storage with this passphrase." +msgstr "此通關密語無法解鎖加密的儲存裝置。" + +#: ../tailsgreeter/persistence.py:94 +#, python-brace-format +msgid "" +"live-persist failed with return code {returncode}:\n" +"{stderr}" +msgstr "" +"live-persist failed with return code {returncode}:\n" +"{stderr}" + +#: ../tailsgreeter/persistence.py:136 ../tailsgreeter/persistence.py:161 +#: ../tailsgreeter/persistence.py:185 +#, python-brace-format +msgid "" +"cryptsetup failed with return code {returncode}:\n" +"{stdout}\n" +"{stderr}" +msgstr "" +"加密設定失敗，錯誤代碼： {returncode}:\n" +"{stdout}\n" +"{stderr}" + +#: ../tailsgreeter/persistence.py:205 +#, python-brace-format +msgid "" +"umount failed with return code {returncode}:\n" +"{stdout}\n" +"{stderr}" +msgstr "" +"卸載失敗，錯誤代碼： {returncode}:\n" +"{stdout}\n" +"{stderr}"

1 0

[translation/tails-greeter-2] Update translations for tails-greeter-2
by translation＠torproject.org 26 Nov '16

26 Nov '16

commit 1e5100acb94f2465c5ffc1a7ef6dc70962dcb499 Author: Translation commit bot <translation(a)torproject.org> Date: Sat Nov 26 06:48:16 2016 +0000 Update translations for tails-greeter-2 --- zh_TW/zh_TW.po | 90 ++++++++++++++++++++++++++++++++-------------------------- 1 file changed, 49 insertions(+), 41 deletions(-) diff --git a/zh_TW/zh_TW.po b/zh_TW/zh_TW.po index 815ac51..24b691d 100644 --- a/zh_TW/zh_TW.po +++ b/zh_TW/zh_TW.po @@ -27,7 +27,7 @@ msgid "" "Set up an administration password if you need to perform administrative " "tasks. Otherwise, the administration password is disabled for better " "security." -msgstr "除非您需要執行某些非管理員權限不可的工作，才需要設定系統管理員密碼，否則請關閉此功能以提高系統安全性。" +msgstr "除非您需要執行某些非管理員權限不可的工作，才會需要設定系統管理員密碼，否則請關閉此功能以提高系統安全性。" #: ../data/greeter.ui.h:3 msgid "Enter an administration password" @@ -78,28 +78,28 @@ msgstr "偽裝所有的網路卡實體位址(預設)" #: ../data/greeter.ui.h:13 msgid "Don't spoof MAC addresses" -msgstr "" +msgstr "不要偽裝網路卡實體位址" #: ../data/greeter.ui.h:14 msgid "Welcome to Tails!" -msgstr "" +msgstr "歡迎使用 Tails！" #: ../data/greeter.ui.h:15 msgid "" "To get guided through Tails' settings, click on Take a Tour above" -msgstr "" +msgstr "若要針對 Tails 的設定進行導覽，請點選功能導覽" #: ../data/greeter.ui.h:16 msgid "Language & Region" -msgstr "" +msgstr "語言和區域" #: ../data/greeter.ui.h:17 msgid "Default Settings" -msgstr "" +msgstr "預設值" #: ../data/greeter.ui.h:18 msgid "Save Language & Region Settings" -msgstr "" +msgstr "儲存語言與區域的設定值" #: ../data/greeter.ui.h:19 msgid "Language" @@ -107,19 +107,19 @@ msgstr "語言" #: ../data/greeter.ui.h:20 msgid "English" -msgstr "" +msgstr "英文" #: ../data/greeter.ui.h:21 msgid "Keyboard Layout" -msgstr "" +msgstr "鍵盤佈局" #: ../data/greeter.ui.h:22 msgid "English (US)" -msgstr "" +msgstr "美式英文" #: ../data/greeter.ui.h:23 msgid "Formats" -msgstr "" +msgstr "格式" #: ../data/greeter.ui.h:24 msgid "United States" @@ -127,67 +127,67 @@ msgstr "美國" #: ../data/greeter.ui.h:25 msgid "Time Zone" -msgstr "" +msgstr "時區" #: ../data/greeter.ui.h:26 msgid "UTC" -msgstr "" +msgstr "UTC" #: ../data/greeter.ui.h:27 msgid "Encrypted Persistent Storage" -msgstr "" +msgstr "加密之永久性儲存裝置" #: ../data/greeter.ui.h:28 msgid "Show Passphrase" -msgstr "" +msgstr "顯示通關密語" #: ../data/greeter.ui.h:29 msgid "Configure Persistent Storage" -msgstr "" +msgstr "設定永久性儲存裝置" #: ../data/greeter.ui.h:30 msgid "Enter your passphrase to unlock the persistent storage" -msgstr "" +msgstr "請輸入密碼以便解鎖永久性儲存裝置" #: ../data/greeter.ui.h:31 ../tailsgreeter/gui.py:781 #: ../tailsgreeter/gui.py:942 msgid "Unlock" -msgstr "" +msgstr "解鎖" #: ../data/greeter.ui.h:32 msgid "Relock Persistent Storage" -msgstr "" +msgstr "重新鎖定永久性儲存裝置" #: ../data/greeter.ui.h:33 ../tailsgreeter/gui.py:492 msgid "Additional Settings" -msgstr "" +msgstr "額外的設定" #: ../data/greeter.ui.h:34 msgid "Save Additional Settings" -msgstr "" +msgstr "儲存額外的設定" #: ../data/greeter.ui.h:35 msgid "toolbutton" -msgstr "" +msgstr "工具按鈕" #: ../data/greeter.ui.h:36 msgid "Network Configuration" -msgstr "" +msgstr "網路設定" #: ../data/greeter.ui.h:37 msgid "" "If your Internet connection is censored, filtered, or proxied you can " "configure a Tor bridge or a local proxy. To work completely offline, you can" " disable all networking." -msgstr "" +msgstr "若您所使用的網路服務遭到監控或審查的話，可以設定使用洋蔥路由橋接器來連上網路。若想要離線作業請關閉所有網路連線功能。" #: ../data/greeter.ui.h:38 msgid "Connect directly to the Tor network (default)" -msgstr "" +msgstr "直接連上洋蔥路由網路(預設)" #: ../data/greeter.ui.h:39 msgid "Configure a Tor bridge, firewall, or proxy settings" -msgstr "" +msgstr "設定洋蔥路由橋接器、防火牆、代理路由器" #: ../data/greeter.ui.h:40 msgid "Disable all networking" @@ -197,23 +197,23 @@ msgstr "停用所有網路" msgid "" "The default settings are safe in most situations. To add a custom setting, " "press the \"+\" button below." -msgstr "" +msgstr "在大多數的情況下，預設的設定值是很安全的。若您想要增加個人化的設定，請按下方的「+」按鈕。" #: ../data/greeter.ui.h:42 msgid "Off (default)" -msgstr "" +msgstr "關閉(預設)" #: ../data/greeter.ui.h:43 msgid "On (default)" -msgstr "" +msgstr "啟用(預設)" #: ../data/greeter.ui.h:44 msgid "Network Connection" -msgstr "" +msgstr "網路連線" #: ../data/greeter.ui.h:45 ../tailsgreeter/gui.py:894 msgid "Direct (default)" -msgstr "" +msgstr "直接(預設)" #: ../tailsgreeter/gui.py:436 msgid "Shutdown" @@ -221,7 +221,7 @@ msgstr "關閉" #: ../tailsgreeter/gui.py:442 msgid "Start Tails" -msgstr "" +msgstr "啟動 Tails" #: ../tailsgreeter/gui.py:501 msgid "Cancel" @@ -237,38 +237,38 @@ msgstr "返回" #: ../tailsgreeter/gui.py:627 msgid "Unlocking…" -msgstr "" +msgstr "解鎖中...." #: ../tailsgreeter/gui.py:653 msgid "" "You will configure the Tor bridge and local proxy later on after connecting " "to a network." -msgstr "" +msgstr "當您連接上網路之後，將會需要設定洋蔥路由橋接器與本地端代理伺服器。" #: ../tailsgreeter/gui.py:698 msgid "On" -msgstr "" +msgstr "啟動" #: ../tailsgreeter/gui.py:700 msgid "Off" -msgstr "" +msgstr "關閉" #: ../tailsgreeter/gui.py:702 #, python-brace-format msgid "{on_or_off} (default)" -msgstr "" +msgstr "{on_or_off} (預設)" #: ../tailsgreeter/gui.py:759 msgid "You would be able to set up an encrypted storage." -msgstr "" +msgstr "您可以設定一個加密的儲存裝置。" #: ../tailsgreeter/gui.py:783 msgid "Failed to relock persistent storage." -msgstr "" +msgstr "永久性儲存裝置重新鎖定失敗。" #: ../tailsgreeter/gui.py:900 msgid "Bridge & Proxy" -msgstr "" +msgstr "橋接器與代理伺服器" #: ../tailsgreeter/gui.py:906 msgid "Offline" @@ -276,7 +276,7 @@ msgstr "離線" #: ../tailsgreeter/gui.py:945 msgid "Cannot unlock encrypted storage with this passphrase." -msgstr "" +msgstr "此通關密語無法解鎖加密的儲存裝置。" #: ../tailsgreeter/persistence.py:94 #, python-brace-format @@ -284,6 +284,8 @@ msgid "" "live-persist failed with return code {returncode}:\n" "{stderr}" msgstr "" +"live-persist failed with return code {returncode}:\n" +"{stderr}" #: ../tailsgreeter/persistence.py:136 ../tailsgreeter/persistence.py:161 #: ../tailsgreeter/persistence.py:185 @@ -293,6 +295,9 @@ msgid "" "{stdout}\n" "{stderr}" msgstr "" +"加密設定失敗，錯誤代碼： {returncode}:\n" +"{stdout}\n" +"{stderr}" #: ../tailsgreeter/persistence.py:205 #, python-brace-format @@ -301,3 +306,6 @@ msgid "" "{stdout}\n" "{stderr}" msgstr "" +"卸載失敗，錯誤代碼： {returncode}:\n" +"{stdout}\n" +"{stderr}"

1 0

[translation/tails-iuk_completed] Update translations for tails-iuk_completed
by translation＠torproject.org 26 Nov '16

26 Nov '16

commit bb6e9bd29f7167b94bd38c3b55391d0f922344db Author: Translation commit bot <translation(a)torproject.org> Date: Sat Nov 26 06:46:47 2016 +0000 Update translations for tails-iuk_completed --- zh_TW.po | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/zh_TW.po b/zh_TW.po index db65c36..2871001 100644 --- a/zh_TW.po +++ b/zh_TW.po @@ -3,6 +3,7 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: +# Agustín Wu <losangwuyts(a)gmail.com>, 2016 # danfong <danfong.hsieh(a)gmail.com>, 2014 # 大圈洋蔥, 2016 # Quence Lin <qqq89513(a)yahoo.com.tw>, 2016 @@ -14,8 +15,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: Tails developers <tails(a)boum.org>\n" "POT-Creation-Date: 2016-05-25 16:55+0200\n" -"PO-Revision-Date: 2016-06-10 07:09+0000\n" -"Last-Translator: Quence Lin <qqq89513(a)yahoo.com.tw>\n" +"PO-Revision-Date: 2016-11-26 06:38+0000\n" +"Last-Translator: Agustín Wu <losangwuyts(a)gmail.com>\n" "Language-Team: Chinese (Taiwan) (http://www.transifex.com/otf/torproject/language/zh_TW/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -41,7 +42,7 @@ msgid "" "Check your network connection, and restart Tails to try upgrading again.\n" "\n" "If the problem persists, go to file:///usr/share/doc/tails/website/doc/upgrade/error/check.en.html" -msgstr "無法從我們的網頁確認是否有升級可用。\n\n請檢查您的網路連線，然後將 Tails 重新啟動後再次嘗試升級。\n\n如果問題仍然存在，請前往 file:///usr/share/doc/tails/website/doc/upgrade/error/check.en.html" +msgstr "無法從我們的網站確認是否有更新。\n\n請檢查您的網路連線，然後將 Tails 重新啟動後再次嘗試更新。\n\n如果問題仍然存在，請前往 file:///usr/share/doc/tails/website/doc/upgrade/error/check.en.html" #: ../lib/Tails/IUK/Frontend.pm:235 msgid "no automatic upgrade is available from our website for this version"

1 0

[translation/tails-iuk] Update translations for tails-iuk
by translation＠torproject.org 26 Nov '16

26 Nov '16

commit fa4d04d57e7dd3873a7f3af44b12b5cc5721746c Author: Translation commit bot <translation(a)torproject.org> Date: Sat Nov 26 06:46:42 2016 +0000 Update translations for tails-iuk --- zh_TW.po | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/zh_TW.po b/zh_TW.po index db65c36..2871001 100644 --- a/zh_TW.po +++ b/zh_TW.po @@ -3,6 +3,7 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: +# Agustín Wu <losangwuyts(a)gmail.com>, 2016 # danfong <danfong.hsieh(a)gmail.com>, 2014 # 大圈洋蔥, 2016 # Quence Lin <qqq89513(a)yahoo.com.tw>, 2016 @@ -14,8 +15,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: Tails developers <tails(a)boum.org>\n" "POT-Creation-Date: 2016-05-25 16:55+0200\n" -"PO-Revision-Date: 2016-06-10 07:09+0000\n" -"Last-Translator: Quence Lin <qqq89513(a)yahoo.com.tw>\n" +"PO-Revision-Date: 2016-11-26 06:38+0000\n" +"Last-Translator: Agustín Wu <losangwuyts(a)gmail.com>\n" "Language-Team: Chinese (Taiwan) (http://www.transifex.com/otf/torproject/language/zh_TW/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -41,7 +42,7 @@ msgid "" "Check your network connection, and restart Tails to try upgrading again.\n" "\n" "If the problem persists, go to file:///usr/share/doc/tails/website/doc/upgrade/error/check.en.html" -msgstr "無法從我們的網頁確認是否有升級可用。\n\n請檢查您的網路連線，然後將 Tails 重新啟動後再次嘗試升級。\n\n如果問題仍然存在，請前往 file:///usr/share/doc/tails/website/doc/upgrade/error/check.en.html" +msgstr "無法從我們的網站確認是否有更新。\n\n請檢查您的網路連線，然後將 Tails 重新啟動後再次嘗試更新。\n\n如果問題仍然存在，請前往 file:///usr/share/doc/tails/website/doc/upgrade/error/check.en.html" #: ../lib/Tails/IUK/Frontend.pm:235 msgid "no automatic upgrade is available from our website for this version"

1 0

[translation/whisperback_completed] Update translations for whisperback_completed
by translation＠torproject.org 26 Nov '16

26 Nov '16

commit 1aa1a25faf130e83e4ae9b7e36a8b1e87cc7cb77 Author: Translation commit bot <translation(a)torproject.org> Date: Sat Nov 26 06:45:19 2016 +0000 Update translations for whisperback_completed --- zh_TW/zh_TW.po | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/zh_TW/zh_TW.po b/zh_TW/zh_TW.po index c8121cc..bcbb81b 100644 --- a/zh_TW/zh_TW.po +++ b/zh_TW/zh_TW.po @@ -3,6 +3,7 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: +# Agustín Wu <losangwuyts(a)gmail.com>, 2016 # danfong <danfong.hsieh(a)gmail.com>, 2014 # x4r <xatierlike(a)gmail.com>, 2014 msgid "" @@ -10,8 +11,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-12-16 19:54+0100\n" -"PO-Revision-Date: 2016-03-21 16:28+0000\n" -"Last-Translator: danfong <danfong.hsieh(a)gmail.com>\n" +"PO-Revision-Date: 2016-11-26 06:39+0000\n" +"Last-Translator: Agustín Wu <losangwuyts(a)gmail.com>\n" "Language-Team: Chinese (Taiwan) (http://www.transifex.com/otf/torproject/language/zh_TW/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -39,7 +40,7 @@ msgstr "不正確的聯絡 OpenPGP 公開金鑰塊" msgid "" "The %s variable was not found in any of the configuration files " "/etc/whisperback/config.py, ~/.whisperback/config.py, ./config.py" -msgstr "%s 變數無法在以下任何設定檔中被找到 /etc/whisperback/config.py, ~/.whisperback/config.py, ./config.py" +msgstr "在下列設定檔中找不到 %s 變數： /etc/whisperback/config.py、 ~/.whisperback/config.py、./config.py" #: ../whisperBack/gui.py:148 msgid "Unable to load a valid configuration."

1 0

[translation/whisperback] Update translations for whisperback
by translation＠torproject.org 26 Nov '16

26 Nov '16

commit 6340ac21b23655b2a5fdd8dc5ee66483f70c1210 Author: Translation commit bot <translation(a)torproject.org> Date: Sat Nov 26 06:45:14 2016 +0000 Update translations for whisperback --- zh_TW/zh_TW.po | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/zh_TW/zh_TW.po b/zh_TW/zh_TW.po index c8121cc..bcbb81b 100644 --- a/zh_TW/zh_TW.po +++ b/zh_TW/zh_TW.po @@ -3,6 +3,7 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: +# Agustín Wu <losangwuyts(a)gmail.com>, 2016 # danfong <danfong.hsieh(a)gmail.com>, 2014 # x4r <xatierlike(a)gmail.com>, 2014 msgid "" @@ -10,8 +11,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-12-16 19:54+0100\n" -"PO-Revision-Date: 2016-03-21 16:28+0000\n" -"Last-Translator: danfong <danfong.hsieh(a)gmail.com>\n" +"PO-Revision-Date: 2016-11-26 06:39+0000\n" +"Last-Translator: Agustín Wu <losangwuyts(a)gmail.com>\n" "Language-Team: Chinese (Taiwan) (http://www.transifex.com/otf/torproject/language/zh_TW/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -39,7 +40,7 @@ msgstr "不正確的聯絡 OpenPGP 公開金鑰塊" msgid "" "The %s variable was not found in any of the configuration files " "/etc/whisperback/config.py, ~/.whisperback/config.py, ./config.py" -msgstr "%s 變數無法在以下任何設定檔中被找到 /etc/whisperback/config.py, ~/.whisperback/config.py, ./config.py" +msgstr "在下列設定檔中找不到 %s 變數： /etc/whisperback/config.py、 ~/.whisperback/config.py、./config.py" #: ../whisperBack/gui.py:148 msgid "Unable to load a valid configuration."

1 0

[translation/tails-greeter-2] Update translations for tails-greeter-2
by translation＠torproject.org 26 Nov '16

26 Nov '16

commit 79919a68785fee1513eca696198fd782fbe6945a Author: Translation commit bot <translation(a)torproject.org> Date: Sat Nov 26 06:18:16 2016 +0000 Update translations for tails-greeter-2 --- zh_TW/zh_TW.po | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/zh_TW/zh_TW.po b/zh_TW/zh_TW.po index 133fe3d..815ac51 100644 --- a/zh_TW/zh_TW.po +++ b/zh_TW/zh_TW.po @@ -10,7 +10,7 @@ msgstr "" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2016-11-18 00:07+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"Last-Translator: Quence Lin <qqq89513(a)yahoo.com.tw>, 2016\n" +"Last-Translator: Agustín Wu <losangwuyts(a)gmail.com>, 2016\n" "Language-Team: Chinese (Taiwan) (https://www.transifex.com/otf/teams/1519/zh_TW/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -20,30 +20,30 @@ msgstr "" #: ../data/greeter.ui.h:1 msgid "Administration Password" -msgstr "" +msgstr "系統管理員密碼" #: ../data/greeter.ui.h:2 msgid "" "Set up an administration password if you need to perform administrative " "tasks. Otherwise, the administration password is disabled for better " "security." -msgstr "" +msgstr "除非您需要執行某些非管理員權限不可的工作，才需要設定系統管理員密碼，否則請關閉此功能以提高系統安全性。" #: ../data/greeter.ui.h:3 msgid "Enter an administration password" -msgstr "" +msgstr "請輸入系統管理員密碼" #: ../data/greeter.ui.h:4 msgid "Confirm" -msgstr "" +msgstr "確認" #: ../data/greeter.ui.h:5 msgid "Confirm your administration password" -msgstr "" +msgstr "確認您的系統管理員密碼" #: ../data/greeter.ui.h:6 msgid "Disable" -msgstr "" +msgstr "關閉" #: ../data/greeter.ui.h:7 msgid "Windows Camouflage" @@ -53,15 +53,15 @@ msgstr "偽裝成Windows" msgid "" "This option makes Tails look like Microsoft Windows 10. This can be useful " "to avoid attracting suspiction in public places." -msgstr "" +msgstr "此功能可以將 Tails 的外觀偽裝成微軟的 Windows 10，以便當您在公眾場所使用電腦時，可以避免引起旁人的注意。" #: ../data/greeter.ui.h:9 msgid "Microsoft Windows 10 camouflage" -msgstr "" +msgstr "微軟 Windows 10 偽裝" #: ../data/greeter.ui.h:10 msgid "MAC Address Spoofing" -msgstr "" +msgstr "網路卡實體位址偽裝" #: ../data/greeter.ui.h:11 msgid "" @@ -70,10 +70,11 @@ msgid "" " as it helps you hide your geographical location. But it might also create " "connectivity problems or look suspicious." msgstr "" +"每張網路卡都有一個獨一無二的實體位址，偽裝此位址可以避免本地端的網路(無論是有線或無線)得知您真實的網路卡實體位址，進而掩飾您實際的所在地。但是在某些情況中，可能會造成網路連線的問題，或是增加可疑性。" #: ../data/greeter.ui.h:12 msgid "Spoof all MAC addresses (default)" -msgstr "" +msgstr "偽裝所有的網路卡實體位址(預設)" #: ../data/greeter.ui.h:13 msgid "Don't spoof MAC addresses"

1 0