Gibberfish, Inc./Gibberfish User Documentation
-
Every user must understand your group’s Threat Model and consistently use the same security practices.
Every user must understand your group’s Threat Model and consistently use the same security practices.
Każdy użytkownik powinien rozumieć Model Zagrożenia danej grupy i konsekwentnie używać tych samych praktyk zabezpieczających. -
For more information on Threat Models, please refer to this excellent primer produced by the EFF.
For more information on Threat Models, please refer to this excellent primer produced by the EFF.
By uzyskać więcej indormacji na temat Modeli Zagrożeń prosimy odwołać się do doskonałego elementarza wydanego przez EFF. -
When you first log in, your chat roster on the right side of the screen will be empty. From the menu at the bottom you can Add Contact. Just start typing and it will automatically search for existing users on the server, or you can type in the XMPP address of external users.
When you first log in, your chat roster on the right side of the screen will be empty. From the menu at the bottom you can Add Contact. Just start typing and it will automatically search for existing users on the server, or you can type in the XMPP address of external users.
Po pierwszym zalogowaniu harmonogram rozmów znajdujący się po prawej stronie ekranu będzie pusty. Z menu znajdującego się u dołu ekranu należy kliknąć Add Contact. Rozpoczęcie wpisywania automatycznie wyszuka użytkowników instniejących na serwerze. Można też wpisać adres XMPP zewnętrznych użytkowników. -
To stay connected when you’re not logged in to Gibberfish, you can also connect to the server directly using an XMPP-compatible client such as Adium, Pidgin, or one of many mobile apps.
To stay connected when you’re not logged in to Gibberfish, you can also connect to the server directly using an XMPP-compatible client such as Adium, Pidgin, or one of many mobile apps.
By pozostać w stałym kontakcie kiedy nie jest się zalogowanym do Gibberfish można również połączyć się z serwerem bezpośrednio z pomocą kompatybilnych klientów XMPP takich jak Adium, Pidgin lub jednej z wielu aplikacji mobilnych. -
The chat server is also reachable as a Tor “onion service” on port 5222. Ask your administrator for your server’s Tor address.
The chat server is also reachable as a Tor “onion service” on port 5222. Ask your administrator for your server’s Tor address.
Serwer rozmów jest również osiągalny poprzez Tor "onion service" w porcie 5222. Adres twojego serwera Tor można uzyskać od administratora. -
However, when chatting with users outside your server, you have no guarantee of privacy unless you and your contacts use an end-to-end encryption plugin such as “OTR”. Most chat clients support end-to-end encryption, and have guides to help you understand and enable it.
However, when chatting with users outside your server, you have no guarantee of privacy unless you and your contacts use an end-to-end encryption plugin such as “OTR”. Most chat clients support end-to-end encryption, and have guides to help you understand and enable it.
Niemniej jednak, podczas rozmowy z innymi użytkownikami poza serwerem nie ma gwarancji prywatności, chyba że obie strony używają wtyczki szyfrowania na całej drodze przesyłu danych takiej jak "OTR". Większość klientów rozmów obsługuje szyfrowanie na całej drodze przesyłu danych oraz posiada poradniki, kóre za zadanie mają wytłumaczenie działania i pomoc w uaktywnieniu takiego szyfrowania. -
It is difficult, but possible, for your data to be intercepted by resourceful adversaries while in transit. For this reason we do not recommend syncing your data without carefully considering your Threat Model and your security practices.
It is difficult, but possible, for your data to be intercepted by resourceful adversaries while in transit. For this reason we do not recommend syncing your data without carefully considering your Threat Model and your security practices.
Przechwycenie przesyłanych danych przez umiejętnych wrogów mimo że nie łatwe, jest możliwe. Ze względu na to nie zaleca się synchronizacji danych bez wcześniejszego ostrożnego rozważenia zarówno Modelu Zagrożenia, jak i praktyk zabezpieczania. -
Administrators should also familiarize themselves with the Admin Manual.
Administrators should also familiarize themselves with the Admin Manual.
Administratorzy powini również zapoznać się z Admin Manual. -
Finally, we recommend subscribing to the Gibberfish Blog in the News app to keep up to date on important announcements and our canary statement.
Finally, we recommend subscribing to the Gibberfish Blog in the News app to keep up to date on important announcements and our canary statement.
Zaleca się subskrybcję Gibberfish Blog w aplikacji News dla ważnych aktualnych ogłoszeń i świadectw bezpieczeństwa. -
We rely on donations to survive. If you can afford it, please consider making a charitable contribution of any amount at https://gibberfish.org/donate. We will appreciate it immensely. Thanks!
We rely on donations to survive. If you can afford it, please consider making a charitable contribution of any amount at https://gibberfish.org/donate. We will appreciate it immensely. Thanks!
-
For security reasons, we only respond to requests from your registered Administrator. If you have service-related questions, please ask your administrator.
For security reasons, we only respond to requests from your registered Administrator. If you have service-related questions, please ask your administrator.
-
PROFILE
PROFILE
PROFIL -
If this is your first time logging in, you should take a few minutes to fill out your profile, and while you’re there change your passphrase! Click on the colored circle in the upper right corner and choose Personal to edit your profile.
If this is your first time logging in, you should take a few minutes to fill out your profile, and while you’re there change your passphrase! Click on the colored circle in the upper right corner and choose Personal to edit your profile.
-
PASSPHRASES
PASSPHRASES
HASŁA -
TWO-FACTOR AUTHENTICATION
TWO-FACTOR AUTHENTICATION
UWIERZYTELNIENIE DWUCZYNNIKOWE -
Once you’ve changed your passphrase, we also strongly encourage you to enable Two-Factor authentication (“2FA”). This involves installing an app on your mobile device that generates a unique 6-digit code you must enter each time you log in. For someone to hack your account, they would need to know your passphrase and physically possess your phone. This combination keeps you more secure. Because Gibberfish is part of the Nextcloud ecosystem, you can use the Nextcloud 2FA app. This app supports FreeOTP, which can be downloaded in the app store for Android and iOS devices.
Once you’ve changed your passphrase, we also strongly encourage you to enable Two-Factor authentication (“2FA”). This involves installing an app on your mobile device that generates a unique 6-digit code you must enter each time you log in. For someone to hack your account, they would need to know your passphrase and physically possess your phone. This combination keeps you more secure. Because Gibberfish is part of the Nextcloud ecosystem, you can use the Nextcloud 2FA app. This app supports FreeOTP, which can be downloaded in the app store for Android and iOS devices.
-
KEY VAULTS
KEY VAULTS
-
If you’re not already in the habit of doing so, it would be a good idea to store your passphrases in a key vault like KeePass. Key vaults make it easy to securely remember all your passphrases. You will need to lock your key vault itself with a Diceware generated passphrase. In addition, we strongly recommend you enable full-disk encryption on the device storing your key vault.
If you’re not already in the habit of doing so, it would be a good idea to store your passphrases in a key vault like KeePass. Key vaults make it easy to securely remember all your passphrases. You will need to lock your key vault itself with a Diceware generated passphrase. In addition, we strongly recommend you enable full-disk encryption on the device storing your key vault.
-
DIGITAL HYGIENE
DIGITAL HYGIENE
-
Good Digital Hygiene is the consistent use of robust security practices.
Good Digital Hygiene is the consistent use of robust security practices.