1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
|
# SOME DESCRIPTIVE TITLE.
# Copyright (C) Micah Lee, et al.
# This file is distributed under the same license as the OnionShare package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: OnionShare 2.5\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2022-01-17 10:28-0800\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ../../source/features.rst:4
msgid "How OnionShare Works"
msgstr ""
#: ../../source/features.rst:6
msgid "Web servers are started locally on your computer and made accessible to other people as `Tor <https://www.torproject.org/>`_ `onion services <https://community.torproject.org/onion-services/>`_."
msgstr ""
#: ../../source/features.rst:8
msgid "By default, OnionShare web addresses are protected with a private key."
msgstr ""
#: ../../source/features.rst:10
msgid "OnionShare addresses look something like this::"
msgstr ""
#: ../../source/features.rst:14
msgid "And private keys might look something like this::"
msgstr ""
#: ../../source/features.rst:18
msgid "You're responsible for securely sharing that URL and private key using a communication channel of your choice like in an encrypted chat message, or using something less secure like unencrypted email, depending on your `threat model <https://ssd.eff.org/module/your-security-plan>`_."
msgstr ""
#: ../../source/features.rst:20
msgid "The people you send the URL to then copy and paste it into their `Tor Browser <https://www.torproject.org/>`_ to access the OnionShare service. Tor Browser will then prompt for the private key, which the people can also then copy and paste in."
msgstr ""
#: ../../source/features.rst:24
msgid "If you run OnionShare on your laptop to send someone files, and then suspend it before the files are sent, the service will not be available until your laptop is unsuspended and on the internet again. OnionShare works best when working with people in real-time."
msgstr ""
#: ../../source/features.rst:26
msgid "Because your own computer is the web server, *no third party can access anything that happens in OnionShare*, not even the developers of OnionShare. It's completely private. And because OnionShare is based on Tor onion services too, it also protects your anonymity. See the :doc:`security design </security>` for more info."
msgstr ""
#: ../../source/features.rst:29
msgid "Share Files"
msgstr ""
#: ../../source/features.rst:31
msgid "You can use OnionShare to send files and folders to people securely and anonymously. Open a share tab, drag in the files and folders you wish to share, and click \"Start sharing\"."
msgstr ""
#: ../../source/features.rst:35
#: ../../source/features.rst:112
msgid "After you add files, you'll see some settings. Make sure you choose the setting you're interested in before you start sharing."
msgstr ""
#: ../../source/features.rst:39
msgid "As soon as someone finishes downloading your files, OnionShare will automatically stop the server, removing the website from the internet. To allow multiple people to download them, uncheck the \"Stop sharing after files have been sent (uncheck to allow downloading individual files)\" box."
msgstr ""
#: ../../source/features.rst:42
msgid "Also, if you uncheck this box, people will be able to download the individual files you share rather than a single compressed version of all the files."
msgstr ""
#: ../../source/features.rst:44
msgid "When you're ready to share, click the \"Start sharing\" button. You can always click \"Stop sharing\", or quit OnionShare, immediately taking the website down. You can also click the \"↑\" icon in the top-right corner to show the history and progress of people downloading files from you."
msgstr ""
#: ../../source/features.rst:48
msgid "Now that you have a OnionShare, copy the address and the private key and send it to the person you want to receive the files. If the files need to stay secure, or the person is otherwise exposed to danger, use an encrypted messaging app."
msgstr ""
#: ../../source/features.rst:50
msgid "That person then must load the address in Tor Browser. After logging in with the private key, the files can be downloaded directly from your computer by clicking the \"Download Files\" link in the corner."
msgstr ""
#: ../../source/features.rst:55
msgid "Receive Files and Messages"
msgstr ""
#: ../../source/features.rst:57
msgid "You can use OnionShare to let people anonymously submit files and messages directly to your computer, essentially turning it into an anonymous dropbox. Open a receive tab and choose the settings that you want."
msgstr ""
#: ../../source/features.rst:62
msgid "You can browse for a folder to save messages and files that get submitted."
msgstr ""
#: ../../source/features.rst:64
msgid "You can check \"Disable submitting text\" if want to only allow file uploads, and you can check \"Disable uploading files\" if you want to only allow submitting text messages, like for an anonymous contact form."
msgstr ""
#: ../../source/features.rst:66
msgid "You can check \"Use notification webhook\" and then choose a webhook URL if you want to be notified when someone submits files or messages to your OnionShare service. If you use this feature, OnionShare will make an HTTP POST request to this URL whenever someone submits files or messages. For example, if you want to get an encrypted text messaging on the messaging app `Keybase <https://keybase.io/>`_, you can start a conversation with `@webhookbot <https://keybase.io/webhookbot>`_, type ``!webhook create onionshare-alerts``, and it will respond with a URL. Use that as the notification webhook URL. If someone uploads a file to your receive mode service, @webhookbot will send you a message on Keybase letting you know as soon as it happens."
msgstr ""
#: ../../source/features.rst:71
msgid "When you are ready, click \"Start Receive Mode\". This starts the OnionShare service. Anyone loading this address in their Tor Browser will be able to submit files and messages which get uploaded to your computer."
msgstr ""
#: ../../source/features.rst:75
msgid "You can also click the down \"↓\" icon in the top-right corner to show the history and progress of people sending files to you."
msgstr ""
#: ../../source/features.rst:77
msgid "Here is what it looks like for someone sending you files and messages."
msgstr ""
#: ../../source/features.rst:81
msgid "When someone submits files or messages to your receive service, by default they get saved to a folder called ``OnionShare`` in the home folder on your computer, automatically organized into separate subfolders based on the time that the files get uploaded."
msgstr ""
#: ../../source/features.rst:83
msgid "Setting up an OnionShare receiving service is useful for journalists and others needing to securely accept documents from anonymous sources. When used in this way, OnionShare is sort of like a lightweight, simpler, not quite as secure version of `SecureDrop <https://securedrop.org/>`_, the whistleblower submission system."
msgstr ""
#: ../../source/features.rst:86
msgid "Use at your own risk"
msgstr ""
#: ../../source/features.rst:88
msgid "Just like with malicious email attachments, it's possible someone could try to attack your computer by uploading a malicious file to your OnionShare service. OnionShare does not add any safety mechanisms to protect your system from malicious files."
msgstr ""
#: ../../source/features.rst:90
msgid "If you receive an Office document or a PDF through OnionShare, you can convert these documents into PDFs that are safe to open using `Dangerzone <https://dangerzone.rocks/>`_. You can also protect yourself when opening untrusted documents by opening them in `Tails <https://tails.boum.org/>`_ or in a `Qubes <https://qubes-os.org/>`_ disposableVM."
msgstr ""
#: ../../source/features.rst:92
msgid "However, it is always safe to open text messages sent through OnionShare."
msgstr ""
#: ../../source/features.rst:95
msgid "Tips for running a receive service"
msgstr ""
#: ../../source/features.rst:97
msgid "If you want to host your own anonymous dropbox using OnionShare, it's recommended you do so on a separate, dedicated computer always powered on and connected to the internet, and not on the one you use on a regular basis."
msgstr ""
#: ../../source/features.rst:99
msgid "If you intend to put the OnionShare address on your website or social media profiles, save the tab (see :ref:`save_tabs`) and run it as a public service (see :ref:`turn_off_private_key`). It's also a good idea to give it a custom title (see :ref:`custom_titles`)."
msgstr ""
#: ../../source/features.rst:102
msgid "Host a Website"
msgstr ""
#: ../../source/features.rst:104
msgid "To host a static HTML website with OnionShare, open a website tab, drag the files and folders that make up the static content there, and click \"Start sharing\" when you are ready."
msgstr ""
#: ../../source/features.rst:108
msgid "If you add an ``index.html`` file, it will render when someone loads your website. You should also include any other HTML files, CSS files, JavaScript files, and images that make up the website. (Note that OnionShare only supports hosting *static* websites. It can't host websites that execute code or use databases. So you can't for example use WordPress.)"
msgstr ""
#: ../../source/features.rst:110
msgid "If you don't have an ``index.html`` file, it will show a directory listing instead, and people loading it can look through the files and download them."
msgstr ""
#: ../../source/features.rst:117
msgid "Content Security Policy"
msgstr ""
#: ../../source/features.rst:119
msgid "By default OnionShare helps secure your website by setting a strict `Content Security Policy <https://en.wikipedia.org/wiki/Content_Security_Policy>`_ header. However, this prevents third-party content from loading inside the web page."
msgstr ""
#: ../../source/features.rst:121
msgid "If you want to load content from third-party websites, like assets or JavaScript libraries from CDNs, you have two options:"
msgstr ""
#: ../../source/features.rst:123
msgid "You can disable sending a Content Security Policy header by checking the \"Don't send Content Security Policy header (allows your website to use third-party resources)\" box before starting the service."
msgstr ""
#: ../../source/features.rst:124
msgid "You can send a custom Content Security Policy header."
msgstr ""
#: ../../source/features.rst:127
msgid "Tips for running a website service"
msgstr ""
#: ../../source/features.rst:129
msgid "If you want to host a long-term website using OnionShare (meaning not just to quickly show someone something), it's recommended you do it on a separate, dedicated computer that is always powered on and connected to the internet, and not on the one you use on a regular basis. Save the tab (see :ref:`save_tabs`) so you can resume the website with the same address if you close OnionShare and re-open it later."
msgstr ""
#: ../../source/features.rst:132
msgid "If your website is intended for the public, you should run it as a public service (see :ref:`turn_off_private_key`)."
msgstr ""
#: ../../source/features.rst:135
msgid "Chat Anonymously"
msgstr ""
#: ../../source/features.rst:137
msgid "You can use OnionShare to set up a private, secure chat room that doesn't log anything. Just open a chat tab and click \"Start chat server\"."
msgstr ""
#: ../../source/features.rst:141
msgid "After you start the server, copy the OnionShare address and private key and send them to the people you want in the anonymous chat room. If it's important to limit exactly who can join, use an encrypted messaging app to send out the OnionShare address and private key."
msgstr ""
#: ../../source/features.rst:146
msgid "People can join the chat room by loading its OnionShare address in Tor Browser. The chat room requires JavasScript, so everyone who wants to participate must have their Tor Browser security level set to \"Standard\" or \"Safer\", instead of \"Safest\"."
msgstr ""
#: ../../source/features.rst:149
msgid "When someone joins the chat room they get assigned a random name. They can change their name by typing a new name in the box in the left panel and pressing ↵. Since the chat history isn't saved anywhere, it doesn't get displayed at all, even if others were already chatting in the room."
msgstr ""
#: ../../source/features.rst:155
msgid "In an OnionShare chat room, everyone is anonymous. Anyone can change their name to anything, and there is no way to confirm anyone's identity."
msgstr ""
#: ../../source/features.rst:158
msgid "However, if you create an OnionShare chat room and securely send the address only to a small group of trusted friends using encrypted messages, you can be reasonably confident the people joining the chat room are your friends."
msgstr ""
#: ../../source/features.rst:161
msgid "How is this useful?"
msgstr ""
#: ../../source/features.rst:163
msgid "If you need to already be using an encrypted messaging app, what's the point of an OnionShare chat room to begin with? It leaves less traces."
msgstr ""
#: ../../source/features.rst:165
msgid "If you for example send a message to a Signal group, a copy of your message ends up on each device (the smartphones, and computers if they set up Signal Desktop) of each member of the group. Even if disappearing messages is turned on, it's hard to confirm all copies of the messages are actually deleted from all devices, and from any other places (like notifications databases) they may have been saved to. OnionShare chat rooms don't store any messages anywhere, so the problem is reduced to a minimum."
msgstr ""
#: ../../source/features.rst:168
msgid "OnionShare chat rooms can also be useful for people wanting to chat anonymously and securely with someone without needing to create any accounts. For example, a source can send an OnionShare address to a journalist using a disposable email address, and then wait for the journalist to join the chat room, all without compromosing their anonymity."
msgstr ""
#: ../../source/features.rst:172
msgid "How does the encryption work?"
msgstr ""
#: ../../source/features.rst:174
msgid "Because OnionShare relies on Tor onion services, connections between the Tor Browser and OnionShare are all end-to-end encrypted (E2EE). When someone posts a message to an OnionShare chat room, they send it to the server through the E2EE onion connection, which then sends it to all other members of the chat room using WebSockets, through their E2EE onion connections."
msgstr ""
#: ../../source/features.rst:176
msgid "OnionShare doesn't implement any chat encryption on its own. It relies on the Tor onion service's encryption instead."
msgstr ""
|
